pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastelink.net/eplmib2j
Submission: On June 27 via manual (June 27th 2023, 1:26:50 pm UTC) from ES — Scanned from GE

Summary HTTP 366 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 61 IPs in 10 countries across 87 domains to perform 366 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 93704.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.

This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	88.208.215.108 88.208.215.108	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
2	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
4	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
3	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	104.26.6.139 104.26.6.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	104.26.2.70 104.26.2.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	159.65.16.11 159.65.16.11	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.26.9.169 104.26.9.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
1	104.18.2.114 104.18.2.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11 17	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
6 35	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
4	213.19.162.51 213.19.162.51	3356 (LEVEL3) (LEVEL3)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.7.10 178.250.7.10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	54.77.135.147 54.77.135.147	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
31	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	216.58.212.161 216.58.212.161	15169 (GOOGLE) (GOOGLE)
20	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
18 25	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
9 18	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	104.21.234.9 104.21.234.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.32.99.30 13.32.99.30	16509 (AMAZON-02) (AMAZON-02)
7	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
4	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
9	104.64.126.246 104.64.126.246	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 7	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 8	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
11 13	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 7	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
9 9	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	35.158.13.41 35.158.13.41	16509 (AMAZON-02) (AMAZON-02)
1	108.128.170.101 108.128.170.101	16509 (AMAZON-02) (AMAZON-02)
4 4	104.79.25.60 104.79.25.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.84.88.77 99.84.88.77	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	3.227.148.228 3.227.148.228	14618 (AMAZON-AES) (AMAZON-AES)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
2 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
8 8	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
3 3	46.228.164.11 46.228.164.11	() ()
3 3	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	69.166.1.10 69.166.1.10	() ()
1	3.76.139.6 3.76.139.6	() ()
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	185.64.191.210 185.64.191.210	() ()
1 1	37.252.171.85 37.252.171.85	() ()
3	52.210.15.1 52.210.15.1	() ()
5 5	198.47.127.205 198.47.127.205	() ()
2 2	37.157.5.133 37.157.5.133	() ()
1 1	193.122.128.135 193.122.128.135	() ()
366	61

13 88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

pastelink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.139 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.16.11 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-14.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.252.171.52 (Frankfurt am Main, Germany) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 51.89.9.252 (London, United Kingdom) 6 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.77.135.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f1.1e100.net

c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.66 (United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.80.39.216 (Canada) 9 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.21.234.9 (None, )

ASN13335 (CLOUDFLARENET, US)

dsp.adviad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adviad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.132.241 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.104 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.46.130.91 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.190.79 (United Kingdom) 11 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.75.62.37 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.33.220.150 (Seattle, United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.13.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-13-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.170.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-170-101.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.79.25.60 (Glattbrugg, Switzerland) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-25-60.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-77.muc50.r.cloudfront.net

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.148.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-148-228.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.91 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.228.174.117 (United Kingdom) 8 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.164.11 (None, ) 3 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.130 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.166.1.10 (None, ) 2 redirects

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.139.6 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.191.210 (None, ) 4 redirects

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.210.15.1 (None, )

ASN- ()

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.205 (None, ) 5 redirects

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (None, ) 1 redirects

ASN- ()

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	313 KB
37	doubleclick.net 18 redirects ad.doubleclick.net — Cisco Umbrella Rank: 184 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	237 KB
35	onetag-sys.com 6 redirects onetag-sys.com — Cisco Umbrella Rank: 857	15 KB
31	pubmatic.com 20 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575 ads.pubmatic.com — Cisco Umbrella Rank: 553 image8.pubmatic.com — Cisco Umbrella Rank: 738 image6.pubmatic.com — Cisco Umbrella Rank: 812 image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com Failed	56 KB
27	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 552 eus.rubiconproject.com — Cisco Umbrella Rank: 616 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2423 pixel.rubiconproject.com — Cisco Umbrella Rank: 374 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160 token.rubiconproject.com Failed pixel-us-east.rubiconproject.com Failed	53 KB
19	adnxs.com 12 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 acdn.adnxs.com — Cisco Umbrella Rank: 587 secure.adnxs.com	36 KB
18	casalemedia.com 9 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485 dsum.casalemedia.com Failed	14 KB
17	adviad.com dsp.adviad.com — Cisco Umbrella Rank: 212133 cdn.adviad.com — Cisco Umbrella Rank: 250341	316 KB
17	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 3004 public.servenobid.com — Cisco Umbrella Rank: 5241	10 KB
13	pastelink.net pastelink.net — Cisco Umbrella Rank: 93704	311 KB
9	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	4 KB
8	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 333 aax-eu.amazon-adsystem.com Failed	5 KB
8	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1494 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1820 ssbsync.smartadserver.com Failed	2 KB
7	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 338 pr-bh.ybp.yahoo.com Failed	1 KB
6	1rx.io 6 redirects sync.1rx.io — Cisco Umbrella Rank: 613	4 KB
5	mathtag.com 5 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	3 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	524 KB
5	media.net prebid.media.net — Cisco Umbrella Rank: 1429 contextual.media.net — Cisco Umbrella Rank: 675 hbx.media.net Failed cs.media.net Failed c21lg-d.media.net Failed	15 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	251 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	266 KB
4	lijit.com 4 redirects ce.lijit.com — Cisco Umbrella Rank: 1060 ap.lijit.com — Cisco Umbrella Rank: 782	2 KB
4	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1920 usersync.gumgum.com	2 KB
4	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 719 gum.criteo.com — Cisco Umbrella Rank: 405 dis.criteo.com Failed	7 KB
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 1574 mp.4dex.io — Cisco Umbrella Rank: 2835 u.4dex.io — Cisco Umbrella Rank: 4330	27 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1077 api.btloader.com — Cisco Umbrella Rank: 1148	9 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	2 KB
3	rfihub.com 3 redirects p.rfihub.com — Cisco Umbrella Rank: 977	2 KB
3	turn.com 3 redirects ad.turn.com	1 KB
3	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 717
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	adform.net cm.adform.net Failed c1.adform.net	1 KB
2	sonobi.com 2 redirects sync.go.sonobi.com	2 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	929 B
2	technoratimedia.com 1 redirects ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 3909 sync.technoratimedia.com uat-net.technoratimedia.com Failed	7 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 359	291 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	59 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1168	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	154 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
1	sharethrough.com match.sharethrough.com	361 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 4317	600 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1435	1 KB
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5096	764 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3835	940 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 22106	686 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 22022	150 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	1 KB
0	taboola.com Failed sync.taboola.com Failed
0	aralego.com Failed sync.aralego.com Failed
0	3lift.com Failed eb2.3lift.com Failed
0	33across.com Failed pixel.33across.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	socdm.com Failed tg.socdm.com Failed
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed synacor-match.dotomi.com Failed
0	bumlam.com Failed sync.bumlam.com Failed
0	simpli.fi Failed um.simpli.fi Failed
0	audrte.com Failed a.audrte.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	mrtnsvr.com Failed ad.mrtnsvr.com Failed
0	iprom.net Failed core.iprom.net Failed
0	loopme.me Failed csync.loopme.me Failed
0	ctnsnet.com Failed ipac.ctnsnet.com Failed
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	adition.com Failed dsp.adfarm1.adition.com Failed
0	quantserve.com Failed cms.quantserve.com Failed
0	de17a.com Failed d5p.de17a.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	creative-serving.com Failed ads.creative-serving.com Failed
0	brand-display.com Failed dmp.brand-display.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	avct.cloud Failed ads.avct.cloud Failed
0	w55c.net Failed pm.w55c.net Failed
0	openx.net Failed us-u.openx.net Failed
0	shb-sync.com Failed us.shb-sync.com Failed
366	87

	Domain	Requested by
35	onetag-sys.com	6 redirects cdn4.buysellads.net onetag-sys.com public.servenobid.com sync.adkernel.com ads.pubmatic.com ad-cdn.technoratimedia.com
31	pagead2.googlesyndication.com	securepubads.g.doubleclick.net c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
25	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net onetag-sys.com g2.gumgum.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
17	ib.adnxs.com	11 redirects cdn4.buysellads.net googleads.g.doubleclick.net acdn.adnxs.com
16	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com contextual.media.net onetag-sys.com ssum-sec.casalemedia.com g2.gumgum.com cs-rtb.minutemedia-prebid.com cs-server-s2s.yellowblue.io
15	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
14	cdn.adviad.com	dsp.adviad.com cdn.adviad.com c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
13	image8.pubmatic.com	11 redirects onetag-sys.com
13	pastelink.net	pastelink.net
9	match.adsrvr.org	9 redirects
9	eus.rubiconproject.com	cdn4.buysellads.net eus.rubiconproject.com public.servenobid.com contextual.media.net g2.gumgum.com u.4dex.io
8	s.amazon-adsystem.com	3 redirects onetag-sys.com ssum-sec.casalemedia.com
8	googleads.g.doubleclick.net	c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	ups.analytics.yahoo.com	5 redirects onetag-sys.com
7	pixel.rubiconproject.com	2 redirects onetag-sys.com
7	ads.pubmatic.com	cdn4.buysellads.net public.servenobid.com u.4dex.io contextual.media.net ads.pubmatic.com g2.gumgum.com ad-cdn.technoratimedia.com
6	sync.1rx.io	6 redirects public.servenobid.com
5	simage2.pubmatic.com	5 redirects
5	sync.mathtag.com	5 redirects
5	s0.2mdn.net	c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com cdn.adviad.com
5	c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	prg.smartadserver.com	cdn4.buysellads.net
5	www.googletagservices.com	cdn4.buysellads.net c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
4	image2.pubmatic.com	4 redirects
4	secure-assets.rubiconproject.com	4 redirects ad-cdn.technoratimedia.com
4	contextual.media.net	cdn4.buysellads.net contextual.media.net eus.rubiconproject.com public.servenobid.com
4	fastlane.rubiconproject.com	cdn4.buysellads.net
4	fonts.gstatic.com	fonts.googleapis.com
3	usersync.gumgum.com	g2.gumgum.com eus.rubiconproject.com
3	p.rfihub.com	3 redirects
3	ad.turn.com	3 redirects
3	ssum-sec.casalemedia.com	public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com
3	id.rlcdn.com	onetag-sys.com
3	ssbsync-global.smartadserver.com	1 redirects onetag-sys.com
3	pixel-eu.rubiconproject.com	1 redirects onetag-sys.com
3	gum.criteo.com	static.criteo.net gum.criteo.com contextual.media.net
3	dsp.adviad.com	c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	api.btloader.com	btloader.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.com	1 redirects pastelink.net tpc.googlesyndication.com
2	c1.adform.net	2 redirects
2	sync.go.sonobi.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	ap.lijit.com	2 redirects
2	ce.lijit.com	2 redirects
2	x.bidswitch.net	onetag-sys.com public.servenobid.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	ad-delivery.net	pastelink.net
2	www.googletagmanager.com	pastelink.net www.googletagmanager.com
2	fonts.googleapis.com	pastelink.net
1	sync.technoratimedia.com	1 redirects public.servenobid.com
1	secure.adnxs.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	match.sharethrough.com	public.servenobid.com
1	ad-cdn.technoratimedia.com	public.servenobid.com
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com sync.adkernel.com g2.gumgum.com onetag-sys.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	u.4dex.io	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	ad.doubleclick.net	pastelink.net
1	btloader.com	cdn4.buysellads.net
1	www.gstatic.com	www.google.com
1	cdn4.buysellads.net	pastelink.net
1	cdnjs.cloudflare.com	pastelink.net
0	sync.taboola.com Failed	public.servenobid.com
0	synacor-match.dotomi.com Failed	public.servenobid.com
0	sync.aralego.com Failed	public.servenobid.com
0	uat-net.technoratimedia.com Failed	public.servenobid.com
0	eb2.3lift.com Failed	ad-cdn.technoratimedia.com
0	pixel.33across.com Failed	ad-cdn.technoratimedia.com
0	pixel-us-east.rubiconproject.com Failed	eus.rubiconproject.com
0	cs.admanmedia.com Failed	g2.gumgum.com
0	tg.socdm.com Failed	g2.gumgum.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	pixel-sync.sitescout.com Failed	ads.pubmatic.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	sync.bumlam.com Failed	ads.pubmatic.com
0	image4.pubmatic.com Failed	ads.pubmatic.com
0	um.simpli.fi Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	cr.frontend.weborama.fr Failed	ads.pubmatic.com
0	sync.crwdcntrl.net Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	ads.pubmatic.com
0	ad.mrtnsvr.com Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	csync.loopme.me Failed	ads.pubmatic.com
0	ipac.ctnsnet.com Failed	ads.pubmatic.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com g2.gumgum.com
0	dsp.adfarm1.adition.com Failed	ads.pubmatic.com
0	cms.quantserve.com Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	bh.contextweb.com Failed	g2.gumgum.com
0	ad.360yield.com Failed	g2.gumgum.com public.servenobid.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	sync.srv.stackadapt.com Failed	g2.gumgum.com ads.pubmatic.com
0	sync.outbrain.com Failed	g2.gumgum.com
0	ads.creative-serving.com Failed	g2.gumgum.com
0	dmp.brand-display.com Failed	ssum-sec.casalemedia.com
0	dsum.casalemedia.com Failed	ssum-sec.casalemedia.com
0	match.prod.bidr.io Failed	ssum-sec.casalemedia.com ads.pubmatic.com public.servenobid.com
0	pr-bh.ybp.yahoo.com Failed	ssum-sec.casalemedia.com g2.gumgum.com ads.pubmatic.com
0	c21lg-d.media.net Failed	contextual.media.net
0	aax-eu.amazon-adsystem.com Failed	ads.pubmatic.com
0	token.rubiconproject.com Failed
0	rtb.mfadsrvr.com Failed	contextual.media.net onetag-sys.com
0	b1sync.zemanta.com Failed	contextual.media.net g2.gumgum.com
0	ads.avct.cloud Failed	contextual.media.net
0	dis.criteo.com Failed	contextual.media.net ads.pubmatic.com
0	pm.w55c.net Failed	contextual.media.net
0	cs.media.net Failed	contextual.media.net
0	us-u.openx.net Failed	contextual.media.net g2.gumgum.com ad-cdn.technoratimedia.com
0	hbx.media.net Failed	public.servenobid.com
0	us.shb-sync.com Failed	public.servenobid.com
0	cm.adform.net Failed	public.servenobid.com
0	ssbsync.smartadserver.com Failed	public.servenobid.com g2.gumgum.com
366	131

This site contains links to these domains. Also see Links.

Domain
www.cmd368thai.org
www.facebook.com
twitter.com
t.me
api.whatsapp.com
www.reddit.com
www.pinterest.com
www.tumblr.com
www.blogger.com
profitquery.com
www.linkedin.com
share.flipboard.com
social-plugins.line.me
www.meneame.net
diasp.org

Subject Issuer	Validity	Valid
*.pastelink.net R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn4.buysellads.net R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
adviad.com GTS CA 2P2	`2023-05-16` - `2023-08-14`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
u.4dex.io GTS CA 1D4	`2023-05-01` - `2023-07-30`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.technoratimedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh

This page contains 77 frames:

Primary Page: https://pastelink.net/eplmib2j
Frame ID: 16C6683DD7E9BE5037AEBE1EAB154A9C
Requests: 66 HTTP requests in this frame

Frame: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 894B86546D70B8EB61137DB87BD66DF4
Requests: 1 HTTP requests in this frame

Frame: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 10B0FD3E7D619757D72791BCAB0F8FEB
Requests: 15 HTTP requests in this frame

Frame: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F6BDBFF7168110477E7386C50FC8140
Requests: 15 HTTP requests in this frame

Frame: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D672C6B26718740FD2389D867EFDCF5B
Requests: 15 HTTP requests in this frame

Frame: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC839069D03AFF22F530DDFEF590B0B7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYhs-I7gEwAQ&v=APEucNVuB9rLebUPhIMOSvRWQpv4ltLrijYTEkTYobhmAAUNwg8N4gAwoV3CaB7KFaMaNOESwCtOxLWaW68iDHZmdvP7kn4i0A
Frame ID: 1D1430DF48FAC97F2301AAD8F9DDF4F0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 308056469821822C823FFA8BD52CCE90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B18E4AC7658AA21E9D1335FACB02EA7F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQY49uN7gEwAQ&v=APEucNWDEt3A6pkipMWM3awO8bLpn-RB-sPP1crMKKJ_DL05OsNP_pE-TauTrxWQFLBmMzjQjDhnr7wgse2gonjVYcn926O14w
Frame ID: 7AEB614D562EB355E3E0AADF54FB0ECC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYg-CI7gEwAQ&v=APEucNWJqlsqL3KiyvfJryA0lrapTk1qM126_0ODb4jXzvI1k3529-YcSSS8ZQnaDFX21AqWWk0GqeSWU_CiSdvp28_MWQZVYw
Frame ID: 52F2B6AD089B451C40BC408AE2D782F5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 74C202516547509181C34B39A461835C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 994E38077437400EB5C73BB66B357D41
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 48C6DC8D597D66C8FC71B29A3365C79D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/
Frame ID: DA7BE0E3DCD8B433DE5CB3F8AF72E090
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4DCB358F5859F580BD9CE9ECDB63DE5F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/
Frame ID: 07491F16707229DB8231376F0F5CAE68
Requests: 5 HTTP requests in this frame

Frame: https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/
Frame ID: 4259129F3BB75460F8FD09FECDAD903E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D734418CC2C0BF4CCB898556782C950
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 87736BF3857DEA364DB50534803166BB
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 238760D121B83BCAD53349827AFE16B2
Requests: 18 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1687872404830
Frame ID: 6DB3E15AFE11505614D1DC0EEBE8EC49
Requests: 14 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html
Frame ID: 9861EEAAA8EBD934108193CB442AD72E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E2EA54A1A674F34BFB3DAE429D9A23E9
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8C077BD1666F763914502192FCC76DA4
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 552F43874D6246DDE7D560859BBB3D5B
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 905796D485A53E668345F4871F196C83
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 45EB5A3C8D481010AB80B91BF245F927
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 63BADDC4C381069B081288F03FB1C96A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: ADC788E385C496DC1D03FB2E8AA8B8B3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 53ED7BF5C0DC489285887093D714ADD8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B666E2E056580E8B6DB8721DCD596220
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: C0DE1818B86E2296036C4134E39C30B0
Requests: 2 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 2B08B4D743E3A5555230EA94492FBCB9
Requests: 2 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: F12F6B253507BEA6F767C70E389840BE
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Frame ID: DF7D668434725A6CDEB22218ACDB758E
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 2B3C5B6F6A1DC8DEE6E3CDE4EF203D4B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 894E1C311DA1F1FA238F6984C766AC8C
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3308740084267757000V10&type=rkt&refUrl=&vid=78724086423308740084267757000V10&ovsid=5108559728436596582
Frame ID: ACD56909AC56993A404AAA533FB2FBC4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dpba%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3DPM_UID
Frame ID: 65285A486F34E2965F587BEE37AE9647
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: 60B7F9528640EBEF5D4D61227C24FF28
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
Frame ID: 52B69774DDAD8FEDE059202F3C6A2B50
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 5EE89CE19024B0C36DF4A003DF6B0AA9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6290473C23DA3EA261C1B8D9C590BC25
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
Frame ID: D8E90EEEE232FA1B7F88BA44DF29C557
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7DD7C185-EF3A-4F4E-80AC-E27493819E41&redir=true&gdpr=0&gdpr_consent=
Frame ID: 53E3B1613A92CE77D9AF9F10181E433C
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 9DBEA740D7F0BC45D18FCC1B6F6E7B5B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
Frame ID: 011D490F35D16DC574234F5C129BE743
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: 62B26566C23E049197014535C720A0AE
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: D5E2910CBCE1535A67BC8F20C0C4A9F1
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: A08B2986D91A4DDD93E4634651B5D706
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: EDA6505C6DACCD0979E1499BA33C32B8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0F1B5845E7F827B8555428DB780C26C1
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 0BC280347EEEF5F5ED6B2B856FCD0F69
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 03D7AC70C04F8E8893FAA56DC831AB8C
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: A9A0173636B1554D0DF9BAC01778B5DE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 17ED9D306814C50F01684152C10A5887
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: EC7EC9B74B996BF430CCA4C8C398C349
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D33CA6EE5B164869F5664277B8D87292
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=
Frame ID: F5550DBC12FCC22F0AC649DDA29A0C42
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: CC332317777799D171D2A1F05765072A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 0410920258BF89EF4C00C0EDFB16529A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kOGZhYTM3Mi1lZThhLTQ0N2UtOWM1ZS03MDc4YjBkOTY1MWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: FEC947325EAD8BD7C8E9520D47BFFA58
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 19D4CE40D4FE49C852A17A3979F94E76
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=94f44cfe-466a-4f2d-a61d-583ddc95f0d1
Frame ID: 875B1F6403C900D8834675D555BFB51E
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 55CD351DB3CBD3F8C311C45D1542F65C
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_d8faa372-ee8a-447e-9c5e-7078b0d9651d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 48C3ED7331906221B31BB66A7D4F3EBD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: E8CF7A096FA6E4A437619457D1544B1F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Dl9WE0I4S10AYjKfoY1k&pi=gumgum&tc=1
Frame ID: 981419601A1D0DDE7242946B2307A365
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5F90BDCCF28DDC62597F218FE29479B4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 138E5EAD7B4EE97187C3FDBB9E0A4583
Requests: 2 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
Frame ID: 7B7CBCC9ED32B03EF435737D5FD54EB5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Frame ID: 396E1BDA0E937DF63CD332B339D58A79
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Frame ID: BFA5A06A005BCE42AD304228E0B69584
Requests: 1 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: 95BEFBBDF92561C386A3BCEF29E98554
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 9294C4F91DF1D81850286BA629EA9F31
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Frame ID: 21CEA23867A5F0EC9118F3E3097988E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

เว็บไซต์แทงบอล: พอร์ทัลสำหรั - Pastelink.net

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

366
Requests

60 %
HTTPS

0 %
IPv6

87
Domains

131
Subdomains

61
IPs

10
Countries

2837 kB
Transfer

6521 kB
Size

64
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cmd368thai.org/
Title: https://www.cmd368thai.org/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastelink.net/eplmib2j

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=%20https://pastelink.net/eplmib2j

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%20%0Ahttps://pastelink.net/eplmib2j

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20https://pastelink.net/eplmib2j

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://https://pastelink.net/eplmib2j&title=%20

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://pastelink.net/eplmib2j&description=%20&media=https://pastelink.net/assets/images/pastelink-logo-square.png

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share?v=3&u=https://pastelink.net/eplmib2j&t=%20&posttype=link

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g?u=https://pastelink.net/eplmib2j&n=%20

Search URL Search Domain Scan URL

URL: https://profitquery.com/add-to/livejournal/?url=https://pastelink.net/eplmib2j&title=%20

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://pastelink.net/eplmib2j

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=%20&url=https://pastelink.net/eplmib2j

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://pastelink.net/eplmib2j&text=%20

Search URL Search Domain Scan URL

URL: https://www.meneame.net/submit?url=https://pastelink.net/eplmib2j

Search URL Search Domain Scan URL

URL: https://diasp.org/bookmarklet?url=https://pastelink.net/eplmib2j&title=%20&jump=doclose

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1

Request Chain 101

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJrjlpe8t-SsJXY47duqTwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

Request Chain 103

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTI1ODc4MDQ4MDkwMjg1MTQ%3D

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1

Request Chain 105

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJrjlk3r9ZnY5YRe2fn-NAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

Request Chain 107

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTkyMjQ4Mjk2NjQwMzkzOQ%3D%3D

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJrjl5e8t-SsJXY47duqUAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

Request Chain 111

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1NjExNzM0NzU0OTk0NjIyOQ%3D%3D

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=

Request Chain 169

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229

Request Chain 171

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JCxcABufFVUx_qsAywkRBgrqCu3FHiw

Request Chain 174

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=z1jzyHAfh78g3H5gOmi-17Yeao8xbiwAca1pX5VdmZw

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

Request Chain 178

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=cc169d7d-d00e-40b6-9847-dd3bb9dfe412&gdpr=0&gdpr_consent=

Request Chain 187

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 193

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=4356117347549946229

Request Chain 194

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=G4tGtRZHZUicU8xyS-ir7KKw

Request Chain 195

https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&uid=G4tGpLZHlqwSirHqSCGMnSh2

Request Chain 196

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1687872408970 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6672761223 HTTP 302
https://sync.1rx.io/usersync/turn/3943491944002129294?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003

Request Chain 197

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5140084925853887675

Request Chain 198

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=866b46e0-a172-485a-aa1d-59791dd4cd69

Request Chain 199

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D85da6e1b-beab-4a1a-ba61-00aac8b3eee4%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0/466?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=85da6e1b-beab-4a1a-ba61-00aac8b3eee4&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=4356117347549946229 HTTP 302
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D85da6e1b-beab-4a1a-ba61-00aac8b3eee4%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID

Request Chain 200

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A

Request Chain 201

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-b90f842e-3758-30d0-aef7-3e5a8ebee960&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iOTBmODQyZS0zNzU4LTMwZDAtYWVmNy0zZTVhOGViZWU5NjAQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iOTBmODQyZS0zNzU4LTMwZDAtYWVmNy0zZTVhOGViZWU5NjAyAh8GOAE=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=

Request Chain 202

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A

Request Chain 208

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 209

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Drkt%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3308740084267757000V10&type=rkt&refUrl=&vid=78724086423308740084267757000V10&ovsid=5108559728436596582

Request Chain 211

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3308740084267757000V10&type=son&refUrl=&vid=78724086423308740084267757000V10&ovsid=[UID] HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3308740084267757000V10&type=son&refUrl=&vid=78724086423308740084267757000V10&ovsid=ac3d77aa-97ab-4673-bd55-0eca95f6420a

Request Chain 213

https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dr1%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dr1%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3D%5BRX_UUID%5D&cb=1687872408970 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=2819627084 HTTP 302
https://sync.1rx.io/usersync/turn/4015549538040057230?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003

Request Chain 214

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMwODc0MDA4NDI2Nzc1NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEK-GXC19E5afP_emSIwV4cs&google_cver=1

Request Chain 217

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet

Request Chain 220

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=92c21ac3-d254-493b-ac90-5e485f33b461

Request Chain 222

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDNX73KT7bZFPxm_xslVVWytetL8h5Q

Request Chain 223

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=

Request Chain 224

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LJEBNELO-27-CVXB&gdpr=0

Request Chain 225

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4356117347549946229

Request Chain 227

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=5814993726178313858

Request Chain 229

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=agXMVfUcGIIepHrZTMm1n1PPjj3v3qqltH5CSg_il74

Request Chain 230

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NENFMDQxOUYtQjBDNy00RUM1LUExOEEtOUFCRDIzRjRDRjM1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

Request Chain 232

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A

Request Chain 233

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=94f44cfe-466a-4f2d-a61d-583ddc95f0d1&gdpr=0&gdpr_consent=

Request Chain 234

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 240

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y18i3kiyTbCWugtTbzjy4Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y18i3kiyTbCWugtTbzjy4Q

Request Chain 241

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=&expires=30

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpgcAdhxMxR-hHQwC1t8d8&google_cver=1

Request Chain 247

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 248

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=528cf246-8d95-42b9-9253-94afb96d9c90&expiration=1690464409&gdpr=0&gdpr_consent=

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzhkK4-KddJCGVZH5AcRPw&google_cver=1

Request Chain 252

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2020966254788010785&expiration=1689082009

Request Chain 253

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4356117347549946229

Request Chain 258

https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN- HTTP 302
https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=4356117347549946229&us_privacy=1YN-

Request Chain 259

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=4356117347549946229

Request Chain 260

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d8faa372-ee8a-447e-9c5e-7078b0d9651d&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=

Request Chain 266

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DC9B07989D74D49369A97EB5DCD47DA14%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Dsnc%2526i%253D%255BUSER_ID%255D%26uid%3D HTTP 302
https://sync.technoratimedia.com/services?srv=cs&nuid=C9B07989D74D49369A97EB5DCD47DA14&att=1&pid=82&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D&uid=ZJrjl5e8t-SsJXY47duqUQAA%265157 HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=A5967DBE4F774E858A545A1F80236F44

Request Chain 274

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 277

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526369958297 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 280

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4356117347549946229&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fdfBhe86T06ArOJ0k4GeQQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0REN0MxODUtRUYzQS00RjRFLTgwQUMtRTI3NDkzODE5RTQx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB2UFPXX3-46gJnRFkP30d8&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 299

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7592428239965925715 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 300

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=94f44cfe-466a-4f2d-a61d-583ddc95f0d1&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 301

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oY_s0uxE2uVxIkq_Zhb_Pj9IfT98UjI-~A&gdpr=0

Request Chain 303

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=

Request Chain 305

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4159664726115913102&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Request Chain 308

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=

Request Chain 313

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=94f44cfe-466a-4f2d-a61d-583ddc95f0d1

Request Chain 318

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=Dl9WE0I4S10AYjKfoY1k&pi=gumgum&tc=1

Request Chain 319

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 320

https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99 HTTP 307
https://ads.servenobid.com/sync?pid=362&uid=A5967DBE4F774E858A545A1F80236F44

Request Chain 322

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDru8Nq6HcGqckEVKFmdPDpq0r0b_Eg

Request Chain 323

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SSHoADrOK1LJuf9uXmrvbNWV8eK2faF2H_taYIjO3cQ

Request Chain 325

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=

Request Chain 327

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229

Request Chain 332

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

Request Chain 334

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=

Request Chain 342

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 343

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LJEBNELO-27-CVXB HTTP 302
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJEBNELO-27-CVXB

Request Chain 347

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LJEBNELO-27-CVXB HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LJEBNELO-27-CVXB

Request Chain 355

https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=528cf246-8d95-42b9-9253-94afb96d9c90

Request Chain 356

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D46%26uid%3D%24UID HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4356117347549946229

Request Chain 357

https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=aUFGC619fYxEW99Wjza_fDqXWJNaeiA9

Request Chain 359

https://sync.1rx.io/usersync2/rmpssp?sub=synacor&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=338071832 HTTP 302
https://sync.1rx.io/usersync/tradedesk/528cf246-8d95-42b9-9253-94afb96d9c90

Request Chain 361

https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-Q_a_uoRE2uE_Yo09RZAKJzGayGiyOfEi~A

Request Chain 362

https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZJrjl5e8t-SsJXY47duqUQAA%265157

366 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request eplmib2j Show response
pastelink.net/ 40 KB
11 KB 906ms
308ms Document
text/html 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

f179d3e7e5763a7537daadee8ed39777c42c139bee72992477c7544994f2da04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Jun 2023 13:26:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
802 B 486ms
208ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 13:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 13:26:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 13:26:41 GMT

GET
H2 200 styles.css
pastelink.net/assets/css/ 121 KB
121 KB 235ms
234ms Stylesheet
text/css 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/css/styles.css?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/eplmib2j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-1e436"
content-type: text/css
accept-ranges: bytes
content-length: 123958

GET
H2 200 jquery-3.6.0.min.js Show response
pastelink.net/assets/js/ 87 KB
88 KB 537ms
536ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/jquery-3.6.0.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/eplmib2j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-15d9d"
content-type: application/javascript
accept-ranges: bytes
content-length: 89501

GET
H2 200 script.min.js Show response
pastelink.net/assets/js/ 41 KB
41 KB 337ms
337ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/script.min.js?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/eplmib2j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-a225"
content-type: application/javascript
accept-ranges: bytes
content-length: 41509

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 2 KB
1 KB 570ms
79ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1803302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 772
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNqcGnH%2BwrSV2l3VnDBIXcuefoOq2c4sXrKv%2BuGHdISXGV4zClE1zcnH6F50eAbS97BWHZRwawWlZO8NnX06%2FEiRbfjqh4el4OO9pM8k9pG6K7rh0K4s2CM4ifcxsY2OOJ6d%2BWH8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7dde05ef2bc32dcf-TBS
expires: Sun, 16 Jun 2024 13:26:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 508 B
778 B 484ms
207ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Serif+Myanmar:wght@400&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

c5b4b7abe21f7d0501ae899eae7df6c67978408bb90e027b26f9cf7012f11ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 13:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 13:26:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 13:26:41 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
893 B 420ms
142ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

c74a518e3b4b49079aa57156901d809ab3d927bef879800d1afb42b559487ffc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 573
x-xss-protection: 1; mode=block
expires: Tue, 27 Jun 2023 13:26:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
71 KB 436ms
147ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e683095252374f2db2b803b901579f878b65bb117e64f99691af870d7dffb611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71837
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 13:26:42 GMT

GET
H2 200 pastelink.js Show response
cdn4.buysellads.net/pub/ 536 KB
150 KB 419ms
132ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Requested by: Host: pastelink.net
URL: https://pastelink.net/eplmib2j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9efac485053ded5f55538372472bd270708b716eae0e081307958263bf5f744f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 13:23:40 GMT
server: AmazonS3
x-amz-request-id: 0VYR19NS18TH85H3
etag: "65917efbfe6d3b8636f6a961fbc3680c"
x-amz-server-side-encryption: AES256
x-hw: 1687872402.cds326.fr8.hn,1687872402.cds205.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 153288
x-amz-id-2: /8uBGoByXlbl7g+y5EfAzxuVHj7S7BLa6Or7uGE+13kmVbOaUjGJqSmxC54QI9PYWvNe2cMlDSjpsj2IE9ld5w==

GET
H2 200 recaptcha__ka.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ 462 KB
176 KB 416ms
133ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__ka.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

6a0ed6115b95bf90987e31232fe3d71f09b104928a606f1ee9f5ba9da4b8472a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179419
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 19:22:32 GMT

GET
H2 200 debut_light.png
pastelink.net/assets/images/ 4 KB
4 KB 651ms
650ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/debut_light.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-10c8"
content-type: image/png
accept-ranges: bytes
content-length: 4296

GET
H2 200 pastelink-logo.svg
pastelink.net/assets/images/logo/ 3 KB
3 KB 651ms
651ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-d3d"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3389

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arrow-down-blue.svg
pastelink.net/assets/images/ 239 B
409 B 652ms
651ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/arrow-down-blue.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-ef"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 239

GET
H2 200 moon.svg
pastelink.net/assets/images/ 2 KB
2 KB 652ms
651ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/moon.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-62e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1582

GET
H2 200 public-black.svg
pastelink.net/assets/images/ 578 B
748 B 652ms
652ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/public-black.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-242"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 578

GET
H2 200 social-spritesheet.png
pastelink.net/assets/images/ 28 KB
28 KB 721ms
721ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/social-spritesheet.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-70de"
content-type: image/png
accept-ranges: bytes
content-length: 28894

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 407ms
129ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:19:00 GMT
x-content-type-options: nosniff
age: 500862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 18:19:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 565ms
287ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:39:35 GMT
x-content-type-options: nosniff
age: 578827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 20:39:35 GMT

GET
H2 200 VuJsdM7F2Yv76aBKKs-bHMQfAHUw3jnFvRDp.woff2
fonts.gstatic.com/s/notoserifmyanmar/v13/ 66 KB
66 KB 500ms
224ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifmyanmar/v13/VuJsdM7F2Yv76aBKKs-bHMQfAHUw3jnFvRDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+Myanmar:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

5c543b5c3d49302195af1da78755559c58b29821df1ad4160f0f2a8afa0b6e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 09:06:37 GMT
x-content-type-options: nosniff
age: 534005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67456
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 20:30:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 09:06:37 GMT

GET
H2 200 logo-bg-90-tl.svg
pastelink.net/assets/images/ 2 KB
2 KB 692ms
692ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-bg-90-tl.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-933"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2355

GET
H2 200 pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/ 4 KB
4 KB 692ms
692ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-e31"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3633

GET
H2 200 logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 4 KB
5 KB 692ms
692ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-11c0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4544

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 545ms
298ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 02:19:04 GMT
x-content-type-options: nosniff
age: 212858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 02:19:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 404ms
130ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 12:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Jun 2023 14:35:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
83 KB 146ms
145ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

79bd6c869b86655aacc73be373ccd1ef979b9fa3039c05698097d0fc75595ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Jun 2023 13:26:42 GMT

GET
H2 200 tag Show response
btloader.com/ 23 KB
9 KB 227ms
78ms Script
application/javascript 104.26.6.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b1681b58892c332c161e963ba3e166abab1d3daa69657545f88f6b9c871292

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 12:50:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1919
etag: W/"0e4ddf101c94ddffd253e1c29644322d"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo49GJfldjbYyquE36goGqLVNLbzptTmRpTxWkWICwNaUZX3FIKZClhJ0oljcFT7wNi1LnSQdTEB2Hi90JGBMPBCVYHTrElJiWe1vNAJOtIjxu1ifi%2FDwT7qgsLo6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7dde05f6fabd2dcb-TBS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 506ms
236ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1616ad42ece97bcf7f86731b4a95e245c747f8fb6a11deb643204234e04a634d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26685
x-xss-protection: 0
server: cafe
etag: 139 / 19535 / 31075684 / config-hash: 13341734580838648536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:43 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
160 B 565ms
564ms Ping
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je36q0&_p=663896112&cid=859327903.1687872403&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687872403&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Feplmib2j&dt=%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%84%E0%B8%8B%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%3A%20%E0%B8%9E%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B8%97%E0%B8%B1%E0%B8%A5%E0%B8%AA%E0%B8%B3%E0%B8%AB%E0%B8%A3%E0%B8%B1%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 807ms
246ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Jun 2023 13:26:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
325 B 231ms
82ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: pastelink.net
URL: https://pastelink.net/eplmib2j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1895708
x-guploader-uploadid: ADPycdsVOG1_gKCV8zkABulK3RgGuf9kw0-O7uF3gKT8tdOnI-s2Im0CDndNFe8KZnMdg30zOdrQiLLsTvLNu3fRrYOKvpW2UqWV
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAGJAcz9Ll%2FIUSTN0vhd5wdZQPnnytTNfZF2FrOuCHKdpjw1ljl6YtUuiJQOIxE9Xl75T97ipSCWRpxucsvmhtMRco9JiRxzkhJLWmYtyuWn3XXIAFy6R%2FKEqqXsdcN9QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7dde05f868be2dc7-TBS
expires: Mon, 05 Jun 2023 15:07:19 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 404ms
129ms Image
image/x-icon 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pastelink.net
URL: https://pastelink.net/eplmib2j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 16:38:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
930 B 227ms
78ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.10975887873274481
Requested by: Host: pastelink.net
URL: https://pastelink.net/eplmib2j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1895708
x-guploader-uploadid: ADPycdsVOG1_gKCV8zkABulK3RgGuf9kw0-O7uF3gKT8tdOnI-s2Im0CDndNFe8KZnMdg30zOdrQiLLsTvLNu3fRrYOKvpW2UqWV
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czrKm8l2mmCuhvwV3nVtVPdMN%2B6ilMwdi35l%2Bk3wqUBrKX1%2BR%2BGxJQgjmi2Slg1jYFoQQKueM%2B%2BT%2FCEn2e%2F%2BRNKZvOAvFuiSh%2FfJ3juY97J9o86Zc5JOtTRjQJnGDRhUCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7dde05f868c12dc7-TBS
expires: Mon, 05 Jun 2023 15:07:19 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ 393 KB
125 KB 402ms
130ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 10:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10175
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127939
x-xss-protection: 0
server: cafe
etag: 10569078359274256513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 10:37:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
93 B 138ms
138ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=663896112&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Feplmib2j&ul=en-us&de=UTF-8&dt=%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%84%E0%B8%8B%E0%B8%95%E0%B9%8C%E0%B9%81%E0%B8%97%E0%B8%87%E0%B8%9A%E0%B8%AD%E0%B8%A5%3A%20%E0%B8%9E%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B8%97%E0%B8%B1%E0%B8%A5%E0%B8%AA%E0%B8%B3%E0%B8%AB%E0%B8%A3%E0%B8%B1%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=360607266&gjid=1428250880&cid=859327903.1687872403&tid=UA-55088947-2&_gid=1152261091.1687872404&_r=1&_slc=1&gtm=45He36q0n8155WHPWQ&z=37614767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 244ms
244ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 45b5465229b3d2f0348a4cfcd69e52df10b6059122d41cff6f9854a30bf111cf

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:44 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 245ms
244ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=OhxzCKSZ&w=5093624318001152&o=5102648370397184&cv=2.1.13-15-g6498499&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Feplmib2j&sid=3sesH5xA&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Jun 2023 13:26:44 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 CWYD627N.json Show response
srv.buysellads.com/ads/ 930 B
686 B 623ms
240ms Fetch
application/json 159.65.16.11
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=499288&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.16.11 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-14.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 2d51dd4e94edbb36acec7092a348e471f727e864901a7601e2fd069bde0dbeff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:44 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 549

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
999 B 347ms
88ms Script
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 13:26:44 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1814386
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKou3KL7whl6s54QHBrWRG431cPjgn6FsUczV5Fs2cO1opS5ck3N7yFwVJLIUIa54mAkspXd5nyBd3Gu8qgJOsEzCDtXP9eltblp5m%2Fp6Vxez19hS9gkDC1pPUA2lSt8"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7dde06005f8f2dcb-TBS

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 2 KB
940 B 497ms
215ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Feplmib2j&PageUrl=https%3A%2F%2Fpastelink.net%2Feplmib2j&PageReferrer=https%3A%2F%2Fpastelink.net%2Feplmib2j

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

75c01acf79f0b63144af7ac0b5c30f1c80d2fcf8989b0e112884c9a7e92c1fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Jun 2023 13:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 75
content-length: 481
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 849ms
472ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e7184d3369dc6ac040ffc003941338577d3ef7946e1e9d6b1a57ca0d3cd9b94a

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:45 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Jun 2023 13:26:44 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 512ms
186ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 576ms
251ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 578ms
234ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 654ms
142ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
335 B 719ms
142ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
mp.4dex.io/ 173 B
1 KB 391ms
159ms XHR
application/json 104.18.2.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51fcc99288e1eeabf231df27570ad341a98cc992a1128e1dcca7cf9cd6cec8ca

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Tue, 27 Jun 2023 13:26:44 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7dde06005fa12dc9-TBS
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 472 B
1 KB 437ms
174ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

dd70e06e5b9004d03dde1c0f091a02744f6bf6578d96c3cd6377f0ecac09c2b1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:44 GMT
AN-X-Request-Uuid: e5783109-ebbb-47f1-a3a7-4e2fba9a6880
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastelink.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 472
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 554ms
186ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://pastelink.net
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 466 B
1005 B 444ms
140ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=bf905bad-6ba8-463b-9df7-691f11a65c51&l_pb_bid_id=4547240b324fd73&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.3987036826606798
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9dc75dde4cfecf86ffbf5e44a6101016f3ebc44e3bd70afbef7b5c26b55b0651

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 466
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
787 B 448ms
144ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=fec7fdec-94d9-4b3f-acee-6411a88f681f&l_pb_bid_id=46012ab6e46fdbe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.9073516086275117
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bedb3012c55e26bd2f8043f08513167674e9b1e57d3be22211ac995e86d11f03

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 472
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 468 B
783 B 446ms
142ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=77f1dada-46e8-4908-b30b-97277a9e9620&l_pb_bid_id=4750b27a2d79c9f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.3788999238287467
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 090e11ea99bff93893541caf0f41a67ca563f5baf8a04f3387f1e9c46fc72f66

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 468
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
786 B 445ms
142ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Feplmib2j&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=06c1af67-4078-4a03-b625-5ef1775aae2b&l_pb_bid_id=4857c6260cbd843&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.6392826042718278
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2b6605a6a002c95b9e6826815e67d3a3b0c1fe932848c0591d48a4e2da4a0725

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 472
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 692ms
380ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Tue, 27 Jun 2023 13:26:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 477ms
162ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=78663278100&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Tue, 27 Jun 2023 13:26:43 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 98 B
429 B 487ms
159ms XHR
application/json 54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2199
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 19d7bb29f100cf81601e827d2c47694eb4374461c541231a39567f000acc3781

Request headers

Referer: https://pastelink.net/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Jun 2023 13:26:44 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 218ms
80ms Fetch
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 13:26:44 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1806455
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrcDP7mAwfjxkDvdKHVoD8wA3kjHnvDCiSbixgZE%2BqauiDg8ooJxeOCJ4Zh7TMY0MiuGrkCmHVEW3m8%2Fk4JoKeS3JIpgQy411L0S3vMZv3qUsV9iTO9DAhEigIsrVlyR"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7dde0601c9632dcb-TBS

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 402ms
137ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 194 KB
60 KB 603ms
603ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2462141144769339&correlator=2118518877041423&eid=31075618%2C31075684&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dtrue%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dtrue%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1687872405138&lmt=1687872405&dlt=1687872401256&idt=2959&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C350%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastelink.net%2Feplmib2j&frm=20&vis=1&psz=1600x-1%7C705x429%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=859327903.1687872403&ga_sid=1687872405&ga_hid=663896112&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b67221fd133d8069d9aac0e41f3ee6a45576109dbfbc8678b0dbcc0fcb3aae62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61275
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 468ms
183ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

058fe3e5c204a4f44a1d45b1a71d7eaa4e69df6ff7e3d55924e80797f5e0f6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11142
x-xss-protection: 0

GET
H2 200 container.html Show response
c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 894B 6 KB
3 KB 472ms
165ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:45 GMT
expires: Wed, 26 Jun 2024 13:26:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ 37 KB
13 KB 131ms
130ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl_page_level_ads.js?cb=31075684

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7ee3cc6bf4bb255f615c7a864a8f2934bcf9cf9f4cb7270b78354a3e92b1512d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 10:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10148
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13134
x-xss-protection: 0
server: cafe
etag: 7420562520458631396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 10:37:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 494ms
144ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H2 200 container.html Show response
c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10B0 6 KB
3 KB 128ms
128ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:45 GMT
expires: Wed, 26 Jun 2024 13:26:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F6B 6 KB
3 KB 127ms
127ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:45 GMT
expires: Wed, 26 Jun 2024 13:26:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D672 6 KB
3 KB 277ms
276ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:45 GMT
expires: Wed, 26 Jun 2024 13:26:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC83 6 KB
3 KB 274ms
273ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:45 GMT
expires: Wed, 26 Jun 2024 13:26:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1D14 624 B
827 B 447ms
174ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYhs-I7gEwAQ&v=APEucNVuB9rLebUPhIMOSvRWQpv4ltLrijYTEkTYobhmAAUNwg8N4gAwoV3CaB7KFaMaNOESwCtOxLWaW68iDHZmdvP7kn4i0A

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:46 GMT
expires: Tue, 27 Jun 2023 13:26:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 10B0 78 KB
27 KB 1096ms
529ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B0 42 B
63 B 743ms
178ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2fvVioQCa9CGCddq8yYernnC8VgaDnSUzF68be-eCuWB4l3DsJzVs_-YnCqu-ZYVNFN-6ss1vqoqK7D2dnvbapxtDt9Q-ecY7A-dpN49h64Qvrbw

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B0 0
20 B 744ms
178ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=201170273664664783&x=1&ct=77

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 10B0 3 KB
1 KB 293ms
292ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:02:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 10B0 19 KB
8 KB 291ms
290ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10B0 179 KB
56 KB 149ms
148ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3080 13 KB
5 KB 145ms
144ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 13699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 09:38:27 GMT
expires: Wed, 26 Jun 2024 09:38:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B18E 783 B
914 B 141ms
140ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

e716df33e8d6ae5e63d6bb96edea224fa848ca56002d2d7f58b0803881f16164

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0ZGt8AdLMoe1DMdcYCdDpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-0ZGt8AdLMoe1DMdcYCdDpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:46 GMT
expires: Tue, 27 Jun 2023 13:26:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7AEB 624 B
505 B 270ms
177ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQY49uN7gEwAQ&v=APEucNWDEt3A6pkipMWM3awO8bLpn-RB-sPP1crMKKJ_DL05OsNP_pE-TauTrxWQFLBmMzjQjDhnr7wgse2gonjVYcn926O14w

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:46 GMT
expires: Tue, 27 Jun 2023 13:26:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0F6B 78 KB
27 KB 584ms
197ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F6B 42 B
63 B 563ms
177ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BERHpdxlo5d0s6oQ0SX5_P11Mlyt0iO2hRvr52tAEt1fVZ-WN9YArSCtqtYFD5pk16SWeNv5X2cuca_C3NXNXvM9km-_53URBycvs_w6fV5Mmu5gs

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F6B 0
20 B 564ms
178ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=331191194760030376&x=1&ct=77

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 0F6B 3 KB
1 KB 183ms
174ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:02:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 0F6B 19 KB
8 KB 139ms
130ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F6B 179 KB
56 KB 170ms
164ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 52F2 624 B
505 B 249ms
176ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYg-CI7gEwAQ&v=APEucNWJqlsqL3KiyvfJryA0lrapTk1qM126_0ODb4jXzvI1k3529-YcSSS8ZQnaDFX21AqWWk0GqeSWU_CiSdvp28_MWQZVYw

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:46 GMT
expires: Tue, 27 Jun 2023 13:26:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D672 78 KB
27 KB 706ms
341ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D672 42 B
63 B 556ms
192ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApP_FnEn3Ak8_85vWhekp8qKGuv681bXqDtAD9AHGX-xdD8hNouRAk8ToUUUC6corDthtjN-OUTpSEEytKLdI0_ncsDqE0lza5NT0Ghx5mJsZ6VbU

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D672 0
20 B 557ms
192ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13217623457322507233&x=1&ct=77

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame D672 3 KB
1 KB 172ms
172ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:02:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame D672 19 KB
8 KB 159ms
158ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D672 179 KB
56 KB 192ms
192ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BC83 34 KB
13 KB 200ms
200ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

63715e8ffb3d4efab913b95b9369dc96445bde93529cdc97909bdf57a8134300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 20:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13554
x-xss-protection: 0
server: cafe
etag: 10619647361806024282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 20:30:29 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BC83 24 KB
7 KB 171ms
171ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 523435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC83 179 KB
56 KB 232ms
232ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 13:26:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame BC83 22 KB
9 KB 136ms
135ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 18:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BC83 3 KB
1 KB 138ms
138ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 15:02:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BC83 19 KB
8 KB 180ms
180ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 19:19:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B18E 0
0 528ms
193ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306220101&jk=2462141144769339&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3080 38 KB
14 KB 377ms
130ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 06:29:06 GMT

GET
H2 200 17356968505855995904
s0.2mdn.net/simgad/ Frame BC83 332 KB
332 KB 498ms
214ms Image
image/jpeg 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17356968505855995904

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

c9dc7959319d21a7ceed9b5853f0b6a1000cd42e187c365df7d5481e84d78636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 18:37:56 GMT
x-content-type-options: nosniff
age: 586130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339603
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 14:37:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 18:37:56 GMT

GET
H2 200 13518049811480133493
s0.2mdn.net/simgad/ Frame BC83 3 KB
4 KB 491ms
207ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13518049811480133493

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

499d46a2267264a5d2465f9a2ff9dc95139a92a78a4bdb8439d06b2a51704937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 18:22:14 GMT
x-content-type-options: nosniff
age: 587072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3327
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 14:37:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 18:22:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1D14
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1

43 B
632 B

237ms
142ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYhs-I7gEwAQ&v=APEucNVuB9rLebUPhIMOSvRWQpv4ltLrijYTEkTYobhmAAUNwg8N4gAwoV3CaB7KFaMaNOESwCtOxLWaW68iDHZmdvP7kn4i0A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1D14
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJrjlpe8t-SsJXY47duqTwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1

43 B
632 B

131ms
131ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYhs-I7gEwAQ&v=APEucNVuB9rLebUPhIMOSvRWQpv4ltLrijYTEkTYobhmAAUNwg8N4gAwoV3CaB7KFaMaNOESwCtOxLWaW68iDHZmdvP7kn4i0A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1D14
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

43 B
1 KB

405ms
404ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYhs-I7gEwAQ&v=APEucNVuB9rLebUPhIMOSvRWQpv4ltLrijYTEkTYobhmAAUNwg8N4gAwoV3CaB7KFaMaNOESwCtOxLWaW68iDHZmdvP7kn4i0A

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
AN-X-Request-Uuid: a9fca46d-72a3-47c1-b236-9cc5c16a2735
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1D14
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTI1ODc4MDQ4MDkwMjg1MTQ%3D

170 B
243 B

410ms
409ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTI1ODc4MDQ4MDkwMjg1MTQ%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 27 Jun 2023 13:26:46 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 51fbeba7-e00f-443f-aa37-df5f03291835
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTI1ODc4MDQ4MDkwMjg1MTQ%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 52F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1

43 B
632 B

321ms
142ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYg-CI7gEwAQ&v=APEucNWJqlsqL3KiyvfJryA0lrapTk1qM126_0ODb4jXzvI1k3529-YcSSS8ZQnaDFX21AqWWk0GqeSWU_CiSdvp28_MWQZVYw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 52F2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJrjlk3r9ZnY5YRe2fn-NAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1

43 B
632 B

130ms
129ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYg-CI7gEwAQ&v=APEucNWJqlsqL3KiyvfJryA0lrapTk1qM126_0ODb4jXzvI1k3529-YcSSS8ZQnaDFX21AqWWk0GqeSWU_CiSdvp28_MWQZVYw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 52F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

43 B
1 KB

158ms
158ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQYg-CI7gEwAQ&v=APEucNWJqlsqL3KiyvfJryA0lrapTk1qM126_0ODb4jXzvI1k3529-YcSSS8ZQnaDFX21AqWWk0GqeSWU_CiSdvp28_MWQZVYw

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
AN-X-Request-Uuid: 956772f0-ad27-4346-8337-256cca7195ce
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 52F2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTkyMjQ4Mjk2NjQwMzkzOQ%3D%3D

170 B
232 B

410ms
409ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTkyMjQ4Mjk2NjQwMzkzOQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 27 Jun 2023 13:26:46 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4c24b5f2-dad1-4111-b89e-dfc440c28616
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMTkyMjQ4Mjk2NjQwMzkzOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7AEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1

43 B
632 B

257ms
130ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQY49uN7gEwAQ&v=APEucNWDEt3A6pkipMWM3awO8bLpn-RB-sPP1crMKKJ_DL05OsNP_pE-TauTrxWQFLBmMzjQjDhnr7wgse2gonjVYcn926O14w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7AEB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJrjl5e8t-SsJXY47duqUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1

43 B
632 B

131ms
130ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQY49uN7gEwAQ&v=APEucNWDEt3A6pkipMWM3awO8bLpn-RB-sPP1crMKKJ_DL05OsNP_pE-TauTrxWQFLBmMzjQjDhnr7wgse2gonjVYcn926O14w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7NX81KTS09b9lRndzxGpY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7AEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

43 B
1 KB

137ms
137ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQkIzbuQQY49uN7gEwAQ&v=APEucNWDEt3A6pkipMWM3awO8bLpn-RB-sPP1crMKKJ_DL05OsNP_pE-TauTrxWQFLBmMzjQjDhnr7wgse2gonjVYcn926O14w

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:47 GMT
AN-X-Request-Uuid: 3153cfa5-679f-4900-acd7-57af2df56999
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL1ZhAicCeWPwE3zSzKNqxM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7AEB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1NjExNzM0NzU0OTk0NjIyOQ%3D%3D

170 B
188 B

144ms
143ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1NjExNzM0NzU0OTk0NjIyOQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 27 Jun 2023 13:26:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ed299667-7a2e-45f3-8203-6828b7b25446
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1NjExNzM0NzU0OTk0NjIyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74C2 143 B
228 B 131ms
130ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 74C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

147ms
145ms

Document
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:46 GMT
expires: Tue, 27 Jun 2023 13:26:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 504ms
221ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Jun 2023 13:26:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3080 0
10 B 130ms
129ms Image
text/plain 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xm1ISQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F6B 0
20 B 164ms
163ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=830434323246&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F6B 0
20 B 165ms
164ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=830434323246&version=m202301230201&ct=77&x=1&cor=331191194760030400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0F6B 15 KB
11 KB 163ms
162ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd63bjCcyNW4geuoc_SyW6aPJrrZE3uY3uH-wlt6rkuFh65hlovXFZyScj3M4ozv_2gp5htQp71NvoOvt-jTMzFxsJf8hPjErPq05b2Ai80HO2kE1z-q_XBu5FZ5g5Ba5nwGeck9iveABWFtg1wP0RqYR5qFIIoF-UanJT6W4dCV4k19c&cry=1&dbm_d=AKAmf-A6s-3IZvcm88GX181ezW-Ce_vO3BIWTjgfPAM-ttoc0uky9jyHlAHild63eX3yFEG-71ga6obihBWzk9hC0Cvi279Yn4l3HlrJIXM2EJHwn7uoOBzSpqkLlUHagKjVMB2Me47yLkkrRn1fw_2Zdks1mY8UK4GhoTNJMXF3b4GBHrBO-audad9BMZEgaYdDERN7ovaQyR-G0yg_ChggrW0glNi39AMl7YJKlxKsgOUQeq7Fjx8uEafwqSMpYmD84DVf9xtBxQvmlzl_5DcxYisLQSYqqhkXSj4GhbbgBDCI8FLeY_5vBWuF5x3jn-UkA9ZKL582SN0hM-NT0aTdh34RPbDD-g1duye5t-cIOZM2fxQHp-Ceg3vOd6M0rQqNpUaVymaUmfLBOV5bRDIUrihGJFDxObq24GbYb2aUBJR3ea0p4IYVhwh12Gu00bAt5iD7itUD95W5LaOwbURGLz74CQYo5OEhCAPSCig2KvtRggBHSQFWTiLRrQa-jePOZV5uvSkpbLkCYH22bpdf3z4LXaPeLdrisHaR5hWFYH-vvDq4POmZBeccQltQjcPSpYtGP8R7WYOyoNBXeYL09fomN4OAt8Dfo5ZwXRGshGIAVB-DKt4Z-cQFgroNCR7UZEQaBvDcsx_Gmnjx6eN-nN3FhqaO8hSzqpzjqy7aG_5URcmManJba_qtjuJgaLcn67Nz0EyRNsUub_mlkXBn7lUAh4zY6geAATzddrx6sDov_HeRIeJkWiKb1eSSRTyTRiJucT_0rSu68s5mwRggPO8LNvLTuIgq6bjMxKyj89cXtZUjQ76fsYN6MkenK7SgcoixlbdpNBEKA-HwX-iJ83_yeVvTsaz0ERaMfayRnf5RUhWGx8dbFVqVkiIz84XA806lJOV-Up4B5l-1W1ope3ZXuD8Nj-_Vf5xNaKcPQGEXmJ7g2Pqw5-EAh8lcX6pQ-oenxhUvk0HHbi-S0IqVu7lw5WD0MoKXhLCamXaUALx9Ysr6TfssnashJQ5nB7p0OGr3__gbPl_3nAYfK4gkTP5SAdWJCkdQupMHseCd-EUgBNb8jSF3c0B9e8xLJNbYnJ5ruZb0MeTlGBJ6mp9n24GANHYWns73v5C3tOIh2v1Nifl2dbwlzZtUlFpRVkzNM7f8m5k5h0tWgdfG1pWQmLEeFeqagfQF4WAFucMBBB7w6qtmOwMruFT32rj6CaAcD_Pdhew1U2U7eoMlH6Jia3i8HNj7vjkOFvvZM6s28-8pAWX_EYnuZeP9RB9l4gTgUJN3yhiWD3LcICkVBNTepJPzqm2ufmbctbr0BchAekAOBfLXGktBB7hqpFZHcpGU5jtrjEAIwORRiNIx6gbDt09I28TjmJzSg50RmQscdbfmrEm4-EOz2dFrFCxZUI4pDNp45GQDzFiCRlC0q8DY7MJNK3ycoBrCGAgeo39U7kgl1IDZ-yfa3UWckXj7PDPyRRE0CNEEA-YXJR0MeiMSm3SlCjqtWO-ieEXgtITS_6YjMe345b_1KWnpdzm1z9znlH9A4Wrg2dPVSpVVU3AmvgqFx1SV1Zj8H-hLHmcEz6GSPQViyoEFh8VTiy6yeIlcFIqjIaYnv9sMNARE3yGFuV09Y6bhYuih7tF_Ri29TBVTHOULJ7zmJvTT3I7UAHk30ZiE9eAgT-__I6-T308Klam9RcJaCGEmYEm9aIobQwm2owZLvqfiSiHpdGu0eBLnKukCykxM-9do7HklBL4EDPzOrtg6KOtmVMRoXVPjXjzB_6Sm2G9tw3ZEZABWc2fL2LkHLmOxOE8y2FsgNYNAUCYvLpABRE6hDXEFnF1kqVshLgg0IKnFno2zTbCLh59N_Sj9C36f_BJIGpbIvfsSw2FMYbWjdVa8Pl_Qsj9EkiE3HCkTNbe2UIUAk-3dZs2SSbWgh0aLNTH7O1CShYEJ9wcsVlE5xJVI9f_2fAb_mbtNBGxjOjILAH7mXdscZ4VRKZNJtII8cigX1jxIbAkOi40R0hIEfYg4mJZAp8NslOzALgV9IZnhWmo70hvXwCfnutyYfZPUjyGZ9sdGQdTls_gVqs-91BCWTFD7x5nvpvaay48-eRTNsqjKOIslshN3Uly466ztIxliE_eQLE6_VZCNFsNXK_iu_wXQIMNDnKf8T3TjEfpepNgusMktF-CpU6-Cn8x5ATk0cCOGyrK7WzMq58GG8NTAFPFRbqldnJrUYjkE_r7MVThLvzNdAoL9jrmBe2XIpRrjzrQ8NZ98iJZSpVNNUuqdBT6Pxmu2_L2H4h_NJwR8vmF6nYqF5Zc_R495f0E-YkQS0dyPVRRVflFn14S_7FgkVktlJSS--UjhYSbomNWzT_CkMBMKODPmlaa6zG4XeQKiWa6qq12imI2PwyjCzUitKkWKL0t12h9-5zDCp4Q4I1mBjrvqQp9tCZyc7abuHaeCvnI4HckZ9WdWmaNBp-cluFLoSgCglx1MhUwH9PcExBf_GWLfTWNR-aT04ajufzYLZ49uHK1gTlaVs1UQyOB6hhRDZDIte9LKow0hepCNmQcID7R08h8DwdqJ5zF6-oBaQP4rFdYNSR1RDUeGoNcy76cDsw0pQHgZAASPJ6AjlKdjt4Kils3f-yhWbP9BN3gIYXBqrDq3q_qYYPMxW5vb-WoDyCpArCjRMqjCrBGov5O6yZV3w-K_GDQ_L4bpsJWBec_0bwufV8bkAcVmWnhXqM6ImwYqSku-8fK9zuUsmMdayTewmWugKc9r9Q9J1C4dSNnu3byYiv7_aZdzqFFwM7OKsxjtc4o5MaD8EamVL8f-VnCXtrXSjsnn7EvzSEh5oefpv__iTk3fgMX8W-J_CldQ5Z-R_44fH_U3vU2YXyxfMmrg0axTIiIkf2Q5uTGmzfj7vQq3sJDeD609CoBNYD014P3Exvnb175EZ-kOh_ptNl67Z1gbk3uzqxo7kAwC3dfUSGThYxtS6CSrfS-tQZGWc2vaAjRb8K0hEJWH0R5L8o2kK_2jo1_Qh3JjlbjLaH6Gh1_f1uf8cgYFfBK8ZRgxZ_viHAe-TJNftIdj4HX0u1oYemNIFZ9RJmw5Gw0Mo5wRrVriVL7Zol-7r9onU7cHHg1PK1A7zC1GrGue3y0jKaCH91Aic78XcYuntINu2wN1dUIpziqDrUjaryIWV2GltsQwTSz7ZrHKrJvhaJqlNNugJhig_NjoBmdTl0wFBgpj7JquWhzZLpXfKWjRpAmUbF9SNdXuWc356TvC4MTGH-rekMgF6L4MINAwOtTEStlCpwXtdN5ga6SIMFaq96S5Q1pX4m7K6LA2S6QyI46V1VrTfj8_wzUAMq4MwwMcmSNKHup5V9x-b8b3-qxRO9Ug3xtga8NEMXujuVxxaJYb4V_k7LQXM6oVmxkVXzbNZEtDAuTEvvJFhROganFyV35JeGxjjK3WT-SY-9m0PA5BBFXh1Mt5KIKmy5W0rQ6_z4c21px0sAGvArOTcTiNpSu3r-ruipkVppE3mqF8TE3NrB0DgjfL2yH-WiWwCVoG2yFkKYSqWnFUWIGF6gJQBdAoP2U7EUoDRsWnPIzgZHTlPgvB0PgUuJXfJnAzU2qzqU2n0VrkgV8RlkPvUECKjNxti7z1lDmV-eB48gPhEG2Vaaf_WzwcB_zVAAV9SGKjDjPK3ObpCKhjZIo8bqgUG01gPbHEOGkpjKugoLrIxy3QfZqXd_e9F6BpQVwhH6Mi_YD0X21QSBDisa0sDg&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=331191194760030400&adk=2923430907&idt=659&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2c4e52c8ca393553e75b1354f1687d475209affa9bac281c6a58c718584f9523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11371
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F6B 41 KB
15 KB 130ms
130ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd63bjCcyNW4geuoc_SyW6aPJrrZE3uY3uH-wlt6rkuFh65hlovXFZyScj3M4ozv_2gp5htQp71NvoOvt-jTMzFxsJf8hPjErPq05b2Ai80HO2kE1z-q_XBu5FZ5g5Ba5nwGeck9iveABWFtg1wP0RqYR5qFIIoF-UanJT6W4dCV4k19c&cry=1&dbm_d=AKAmf-A6s-3IZvcm88GX181ezW-Ce_vO3BIWTjgfPAM-ttoc0uky9jyHlAHild63eX3yFEG-71ga6obihBWzk9hC0Cvi279Yn4l3HlrJIXM2EJHwn7uoOBzSpqkLlUHagKjVMB2Me47yLkkrRn1fw_2Zdks1mY8UK4GhoTNJMXF3b4GBHrBO-audad9BMZEgaYdDERN7ovaQyR-G0yg_ChggrW0glNi39AMl7YJKlxKsgOUQeq7Fjx8uEafwqSMpYmD84DVf9xtBxQvmlzl_5DcxYisLQSYqqhkXSj4GhbbgBDCI8FLeY_5vBWuF5x3jn-UkA9ZKL582SN0hM-NT0aTdh34RPbDD-g1duye5t-cIOZM2fxQHp-Ceg3vOd6M0rQqNpUaVymaUmfLBOV5bRDIUrihGJFDxObq24GbYb2aUBJR3ea0p4IYVhwh12Gu00bAt5iD7itUD95W5LaOwbURGLz74CQYo5OEhCAPSCig2KvtRggBHSQFWTiLRrQa-jePOZV5uvSkpbLkCYH22bpdf3z4LXaPeLdrisHaR5hWFYH-vvDq4POmZBeccQltQjcPSpYtGP8R7WYOyoNBXeYL09fomN4OAt8Dfo5ZwXRGshGIAVB-DKt4Z-cQFgroNCR7UZEQaBvDcsx_Gmnjx6eN-nN3FhqaO8hSzqpzjqy7aG_5URcmManJba_qtjuJgaLcn67Nz0EyRNsUub_mlkXBn7lUAh4zY6geAATzddrx6sDov_HeRIeJkWiKb1eSSRTyTRiJucT_0rSu68s5mwRggPO8LNvLTuIgq6bjMxKyj89cXtZUjQ76fsYN6MkenK7SgcoixlbdpNBEKA-HwX-iJ83_yeVvTsaz0ERaMfayRnf5RUhWGx8dbFVqVkiIz84XA806lJOV-Up4B5l-1W1ope3ZXuD8Nj-_Vf5xNaKcPQGEXmJ7g2Pqw5-EAh8lcX6pQ-oenxhUvk0HHbi-S0IqVu7lw5WD0MoKXhLCamXaUALx9Ysr6TfssnashJQ5nB7p0OGr3__gbPl_3nAYfK4gkTP5SAdWJCkdQupMHseCd-EUgBNb8jSF3c0B9e8xLJNbYnJ5ruZb0MeTlGBJ6mp9n24GANHYWns73v5C3tOIh2v1Nifl2dbwlzZtUlFpRVkzNM7f8m5k5h0tWgdfG1pWQmLEeFeqagfQF4WAFucMBBB7w6qtmOwMruFT32rj6CaAcD_Pdhew1U2U7eoMlH6Jia3i8HNj7vjkOFvvZM6s28-8pAWX_EYnuZeP9RB9l4gTgUJN3yhiWD3LcICkVBNTepJPzqm2ufmbctbr0BchAekAOBfLXGktBB7hqpFZHcpGU5jtrjEAIwORRiNIx6gbDt09I28TjmJzSg50RmQscdbfmrEm4-EOz2dFrFCxZUI4pDNp45GQDzFiCRlC0q8DY7MJNK3ycoBrCGAgeo39U7kgl1IDZ-yfa3UWckXj7PDPyRRE0CNEEA-YXJR0MeiMSm3SlCjqtWO-ieEXgtITS_6YjMe345b_1KWnpdzm1z9znlH9A4Wrg2dPVSpVVU3AmvgqFx1SV1Zj8H-hLHmcEz6GSPQViyoEFh8VTiy6yeIlcFIqjIaYnv9sMNARE3yGFuV09Y6bhYuih7tF_Ri29TBVTHOULJ7zmJvTT3I7UAHk30ZiE9eAgT-__I6-T308Klam9RcJaCGEmYEm9aIobQwm2owZLvqfiSiHpdGu0eBLnKukCykxM-9do7HklBL4EDPzOrtg6KOtmVMRoXVPjXjzB_6Sm2G9tw3ZEZABWc2fL2LkHLmOxOE8y2FsgNYNAUCYvLpABRE6hDXEFnF1kqVshLgg0IKnFno2zTbCLh59N_Sj9C36f_BJIGpbIvfsSw2FMYbWjdVa8Pl_Qsj9EkiE3HCkTNbe2UIUAk-3dZs2SSbWgh0aLNTH7O1CShYEJ9wcsVlE5xJVI9f_2fAb_mbtNBGxjOjILAH7mXdscZ4VRKZNJtII8cigX1jxIbAkOi40R0hIEfYg4mJZAp8NslOzALgV9IZnhWmo70hvXwCfnutyYfZPUjyGZ9sdGQdTls_gVqs-91BCWTFD7x5nvpvaay48-eRTNsqjKOIslshN3Uly466ztIxliE_eQLE6_VZCNFsNXK_iu_wXQIMNDnKf8T3TjEfpepNgusMktF-CpU6-Cn8x5ATk0cCOGyrK7WzMq58GG8NTAFPFRbqldnJrUYjkE_r7MVThLvzNdAoL9jrmBe2XIpRrjzrQ8NZ98iJZSpVNNUuqdBT6Pxmu2_L2H4h_NJwR8vmF6nYqF5Zc_R495f0E-YkQS0dyPVRRVflFn14S_7FgkVktlJSS--UjhYSbomNWzT_CkMBMKODPmlaa6zG4XeQKiWa6qq12imI2PwyjCzUitKkWKL0t12h9-5zDCp4Q4I1mBjrvqQp9tCZyc7abuHaeCvnI4HckZ9WdWmaNBp-cluFLoSgCglx1MhUwH9PcExBf_GWLfTWNR-aT04ajufzYLZ49uHK1gTlaVs1UQyOB6hhRDZDIte9LKow0hepCNmQcID7R08h8DwdqJ5zF6-oBaQP4rFdYNSR1RDUeGoNcy76cDsw0pQHgZAASPJ6AjlKdjt4Kils3f-yhWbP9BN3gIYXBqrDq3q_qYYPMxW5vb-WoDyCpArCjRMqjCrBGov5O6yZV3w-K_GDQ_L4bpsJWBec_0bwufV8bkAcVmWnhXqM6ImwYqSku-8fK9zuUsmMdayTewmWugKc9r9Q9J1C4dSNnu3byYiv7_aZdzqFFwM7OKsxjtc4o5MaD8EamVL8f-VnCXtrXSjsnn7EvzSEh5oefpv__iTk3fgMX8W-J_CldQ5Z-R_44fH_U3vU2YXyxfMmrg0axTIiIkf2Q5uTGmzfj7vQq3sJDeD609CoBNYD014P3Exvnb175EZ-kOh_ptNl67Z1gbk3uzqxo7kAwC3dfUSGThYxtS6CSrfS-tQZGWc2vaAjRb8K0hEJWH0R5L8o2kK_2jo1_Qh3JjlbjLaH6Gh1_f1uf8cgYFfBK8ZRgxZ_viHAe-TJNftIdj4HX0u1oYemNIFZ9RJmw5Gw0Mo5wRrVriVL7Zol-7r9onU7cHHg1PK1A7zC1GrGue3y0jKaCH91Aic78XcYuntINu2wN1dUIpziqDrUjaryIWV2GltsQwTSz7ZrHKrJvhaJqlNNugJhig_NjoBmdTl0wFBgpj7JquWhzZLpXfKWjRpAmUbF9SNdXuWc356TvC4MTGH-rekMgF6L4MINAwOtTEStlCpwXtdN5ga6SIMFaq96S5Q1pX4m7K6LA2S6QyI46V1VrTfj8_wzUAMq4MwwMcmSNKHup5V9x-b8b3-qxRO9Ug3xtga8NEMXujuVxxaJYb4V_k7LQXM6oVmxkVXzbNZEtDAuTEvvJFhROganFyV35JeGxjjK3WT-SY-9m0PA5BBFXh1Mt5KIKmy5W0rQ6_z4c21px0sAGvArOTcTiNpSu3r-ruipkVppE3mqF8TE3NrB0DgjfL2yH-WiWwCVoG2yFkKYSqWnFUWIGF6gJQBdAoP2U7EUoDRsWnPIzgZHTlPgvB0PgUuJXfJnAzU2qzqU2n0VrkgV8RlkPvUECKjNxti7z1lDmV-eB48gPhEG2Vaaf_WzwcB_zVAAV9SGKjDjPK3ObpCKhjZIo8bqgUG01gPbHEOGkpjKugoLrIxy3QfZqXd_e9F6BpQVwhH6Mi_YD0X21QSBDisa0sDg&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=331191194760030400&adk=2923430907&idt=659&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 html5.js Show response
dsp.adviad.com/v1/ Frame 0F6B 14 KB
4 KB 417ms
139ms Script
application/javascript 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.27
Requested by: Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1151
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Bg51GEwvVBIyX6RadtYrTrg2Fcg5%2BVCYtDE23TqlCjy0rMzmu0VjgvsVzHOu4y1grAqJAQZh%2FDQ8XBgNOUtQhKirA%2BcoCtAZGuob8c5mq8lUnqNTVAkD6Frbgvl0c8rtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7dde0612bb4a30d6-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 0F6B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f786dcd0ec980e65f1b5ddbc0870f7264e280e64a08258ad99a3f5a330d2b110

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D672 0
20 B 306ms
305ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7474404332486&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D672 0
20 B 304ms
303ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7474404332486&version=m202301230201&ct=77&x=1&cor=13217623457322506000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D672 15 KB
11 KB 170ms
170ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AExZh6zUevbwSwiQHzd6s3RNO5Q8cxjjdhv8xmrWZEdXXymMxvaTfYOdhPcODyt7-U9Vcs00mfvR01DPGF3lSjFagLc4gjd9jTgBDObEHk7dF3GvlpFPEBvAkiioRqH1TWTG1Ea6l9la2UBd7Pt896v0PU6kE_2f3Zua8UWSMX8J42-UQ&cry=1&dbm_d=AKAmf-DEvHcQJtfcgDusPSveWm7BaeQKVmNvRMSiir8DrhIJYuuckv9TmI9KS09-FQlJLRtZnxddu2u_AMq-SGfLPrSQdscL-9SZUBgrRjju8uxj08tIBK9a3ExRWjWIznEwPdK7Yq6YZNrV2hrvcL9fTnp-nf6L9nxd6o_12-zHVkKnkZHgg9XZ_cEvz0__wR6rcDg5XrtrZBLMHnkEcg120BL_DgtMhNfX5plgBOwjFl770HdTjXrjfZdj7SjONvhz74o3isxSZH-HT81V2mi1YFSZPZ5zfMQHbIuNHMndBTH0XfnmZe3cOgcEhhuyNmbTOJPthbfEihqLylbf0sLeFHRMRE2c3tkLlRXNvk5BddNBD-gZuG1PUsfOidSO7S4pDqjwtEZDwyD1vhtdwSb02Ytg4cq7TF9OAMNX65YwK0q-BNNL91gZwuYiQLCalXfd8SbI5-7WotXurWPxIfguZkTyptS2AA__cn4dT_PmbWaWy9IbdGpdddsV-9JNWKEU3DliqTbvn3OpZXHj3x6S7OmhTplqwhSusRF336YBjBPVUq24a4w7KnJhq6zMqN1h9y0v46veK61Ifw3eR_FCOPMZF1yaRrJZicdLZziJ8Jrj_xesd2LpHBfcMk9FZAx4uSWLjVjcptBCQ3Qt2E3aJKl-BLO5JJHZQhrkadZtRvQ4q1qzKKx7HuFbX0JhyZYoTouDwc8H04uRzarAJy2FaSWeCjnWS5y8S2HHhFiRehTHEVDlCcqhchVMl_dAze3LDTeRKoDP7BQtAjcj9OL3HTB14H0Wm7UZAstehVIBoTsA_hIjuNcLTWqNoBVvueMFtMXE2m_bAHN5xbre8mkLc5BKfyWEuga5EST8Ex86VZ6MpXJF9bojGfqC4vCv01L0VdgFyBhXVDNDh51arK0mKbZW84nRmefeFYE7G9Yo4hFjkUsQD2PqZK8fCR9UtjCnELGJF5qkdYqJhVhIFNTDApsRdQvKoF1wYk0M37Sv1mffbnHN89fYw-1iJD2thfpjYyZFTALglQ9DPZ8otXFWgKRAbfYv701Lr_or_wwNK1KHSWYYhG09Rycsb7cyjzVc24qo_pUpk0wvEpSDdAIUz9vUZkQr8obEp_imUrPKvE8ZOOBNcG5_lXnFerwU75qo4Oi8_RGrq9km0xp-LLxMXoiP3ZIPIwOgtOhHt4w6kEHZOEcTO3KX6EPa4EUNZ18KFWSazy7RBgrjs-2ZbpY5o34vdTmfNfNaTwlEZsSfyyXZh-HduQ2qrPII1JjaHT9IGU5vXQ2hz9UNmdGJd7EZDepNaEsXp4z83UYgCzIno7nUKA0uV13q95kl3S3qZqGJm0cVinbsU9oY7mDZwyLYCaFM7oPpoLAqBbA7uRs9DK9gfVQXE1x8shbjIgA-0zdhw42VVmLRCCCXv6CxhrnxPT5Ev_YVmR9VH2aJZPXP_3ZTcUiA53iyYWFWXJH4de_f3ucxXCXloVKUoNpgVOcJbCK2Jz55vjotiHgO2-YUOyAojsFUTlGcOy6lPSjDai-qLLJfZ0eH0Rr-YX1chsBaaSjavwDXRVIP7twWF1z1R2SUhWEK5s1b94D4cGP0FkMSr4lkR30D6_yW8-1oFoLc2ZKQXmGriEDaLqLG3XKNicWlL90Hau2n3k_iWiE0lkHjgYK-Bw4WbkJFKIuu18si6ZUf-s9l-9DfdkUQkOkMq8E82S0HouKHvTaq9JBjpxg1nQ-bzQZsJhMvkcibATE0PPFQDTFZsPR2KiCC-gMf8Ee4J_J6Efb3lS8yCC-adTJeVgOdfGUGraImPRM1OznoVUMubZqtc5ygrrSy6EOFqB9lpy6wvPGivf14PvG2_7p5UUABnPiHsFPyUU3hc7PVwMozwe8QPxd_Y-rThygW87qpFvJ9fvUKKaaWqeErJJOWgTg0EEnLbK36laSYMRPAccp8Le2Nndm-epWl8NEmKLr7-v8EXp8r1L6wsANsTha8dM8WRAT3CKosiE8Y2kaOhlykVtQui4A3wKbS-T0wjSnLle5lD-Qj7ihwTgxvT4BHjO4vvEVgPUozsnp9V8bL44O7cQ9A7h5fd8gRFUS398zpt3YKsZvaJjuy4HocM96O7pRF11LVPhSeEor7EG5i73g_3JCrn_itU9jG6uJZdWaSElOxoTz-Z2TCE7pgJFt2RObAG-LqPsGZZSh0IHwNQrbhpVD71r0vmifbEtCfoX8L0a2wsX0G5nAlWvrCeVGjGJDAnfVHUzcdBOdNkqP40jiDKe8BGLqZHDdrSk_uojAIe1zQFKFBU7bQvFoY7dmBGsFaZ5P0-l0sIMUMi50sa7LtMZYH2YSv4k2DFYnp0HDR5K7V_kK7sne7Dv6XxDAbVkkI_rWiEqoq79oZ6FtqoCu-vmqvW1-QD78cno9w_rPQg8u91r7yj8UX2gsY7zXuEzyVXzmRT-wyFM5cKFK2yENwe_-4Am_iu0K5Iz450CAMlHhHW15WnENZ5a3692Bqhs_HHQHNZrdocWg8VQpwbvjHgrQgmQ87-wxcqnuqPVjk6gTaRuvIpM4knP2RT7I5-IAWdoPB16JRKapnFPfEjK__t8tI0dxWEifGZ-Yv9UpUbBq-vxqZNQBu5dPIf3Sn4FLwdM5AWYOvFwhgtWdsuzLkrfrafbQRGxlczO4vOL1YDZB-SHAvwUjujgE8RXZGTsfXi-Y4wxvLQtCzkfZgeC9v72i5dmJUZaGtcyQ8QA-0tSxwLfFYuU0GUOLazlZf5rxsPcjdTiDyQ3Y3i49wBJn117fkitgqSehR1TKli_MdCvZra3eFr6t_Ga1eXh07bFONF-gwHKysqheKhLK9R_CzcYTCr2k0DY6_Y2ZNOoC0jyQBQjUbRdZ59tkUz8gn8qai1yThtwmtmvij1rCVtPpdmkF6FfWhHZ8c7l8qxXeZwMFaaz8NN1iDZs6jyj2MtnuK2QYlOEoHvyovA23Z5GZ6qyKJ97hNWbuzTD41I1i59TLv4QpzMteeEm4RCqSCrfJxRsoU2Blq710BHRB2X9Qpx5M9FE4gxXL7zp69PQUwIeRd45GCd5a7DMPR-tFc64qXbNiEHsYt-k2ggj-oOBKwMYiTahtyoUlh8ls9Nk3qItbqYPHn2QhAaQYJwOdvgLMHt_Z_g9WCX8ScX936yMH9oQLRX26NynBYNENU2LilUeubpOV7850nhHSZDfQfUb3UYxzIXlC4ab7yS7zzQxuY6VYrWFDLrpwr4hka4RJOr9iYdwUMpnIuFRjIGXPceqCDRUJerNC1MrPSAN8emGRku3hGDz7LT5FvuQ3uhu_t1VGIbQ-9QbY9sEx-0hyvJvF2b0UyNse9oyWOiD5tZMnhJX1i-ZP4ojQ2FctyloYknl8Oxm_b-CWHyfw1pBa1-lBObXE7AZ7sILwVJS7X86YRZ5THqvT1wpbFl7GKlGrTvQFVNyVazDh0OyLk9JbU3X9R4RWUzRnnCa-QhNbkIPzgHN34yxkPaLNoZrVJHMBQ4Og5hPbPlVkz-acEIWWqgy7MV54Asba2pG9Aen8iagSxpuUNBhbw96t34qPoeSowA6rmFMncGI-jR7GtT3gx1Dg85QG0SjOWTFYv5ygCOIjYUahmcrmeE92M34Y8cAKylzxnuyg0Ql5K5UguHEUYz2ePRkZ4tuh0j5VGxtPKLWUegzkF4NkpKBhjKXJs6ZRxPX_-qxwUzGJd45OafwniM5RH98YEFDyHGve3woos8qDuKhH_IK0-VDbOopVBf-VfGplsujY&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=13217623457322506000&adk=250412560&idt=894&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

971bf4a61f991f414b6aa441c3b24bec9f68389e9dc2f9591e751338c78cddd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B0 0
20 B 295ms
295ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=474103191004&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B0 0
20 B 294ms
294ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=474103191004&version=m202301230201&ct=77&x=1&cor=201170273664664770

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 10B0 15 KB
11 KB 192ms
191ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwT3cCjdduEOgFaV19DZMzLM7_Bsubl7NQkfeArFpsq2vKVDVectSC_uonMCusiYtbvPAYYIIIjrEsRroql159GZ6Kcdr-Or0q1ZnWo7VRnXKgEHrVPqDhLSQXBDnlvEbDFnhZKfAcJXR5w9fz5uqSBhGI6z8gqLpwTq1MxySlZOirBr4&cry=1&dbm_d=AKAmf-BlV1Ohoq2J9HhYtMUW8E5fHeeBU2pwIbTxwtTQKdH9kDkCHzwfuyuX4rWWCvmLN36PCVGKqt3pVvrL73NVIw3hseXDwPcz9S3EO5f59u-G7Zq9HQwDthWv2anFgcKWPSCCptmTZr9d2B1cvXiU1dztM7AOgdVfmNTg7kxMQr1t1kNRyNRg6gTUNSJ2SblyvwM9BEwmWY9ZszCprhhWZO05lE5HaWXv3X71WURsATD4j2crMMldakB0iGJb1JOE3yKERNvW5u4-h0s5M4YzR0Bg46bbwbxSYdmrJHtSzk3gRYn81vmmoLQKQ-McYwkpMOk6mBAzby1qv7tT2VNCLSveVH-uEzvxdY8z2vSGv43ip1iVAI81j80OJh9TeAQ0receq9AnggkUNcRE6Q4IRwrcfrrVcCUbigKfyWx0RsuLhbN2kktZ7TX3A7G6d8XUzDZlQgQdwXzXWFjsocYMEa_ueYM3fXNrV2ELnXmeiyFCQNi2QuYr8Lin5EnqGmEnGysikSsuvXQTWUfIXd1vF2dGgBVX_7oGv2Wr00WMKk2sS4bdLDsGozZVxM4lKcSXMvz79o07lWoqq_fTIGka1J6UFrFnHuZm0gM5LguIdw47P3iBgknhQhked6vNwj21ANVkL6D_RWnAzxCOvYmPdCet7GVK4WRwpHfvDXduRPzji6XCCu-AiB7R-UoZXvQFdnXt1Ziswo1nFIeTKcrR3S0m6UDIWMo0_32xdYLbAzJX5gAhIncLDKbv7ZKTcWgoMjizNjbKrubzCbWP_EmFCXvl5UgOWa1_PG4xS42eGa6ql44cOmEQoy_KxBXA4AqrM_FA_xxyHV7954x6oGouicJLbyyWY7lbSqRY18XoHh9Vxo1xIETdeLyXhXdrbU1Lo3DHOAOLCJddUyfrKXB2dcDd_z7RYE26zL_LVsExMmVzjGQ4fxNRNUBD0pOLV7glJ3sCVLWygjb4C8ftgeKaE76wrlZbE3QS5PdLCnJdVboPoZ6RSSPKTkUwUWm04MFwTmY-AIUVvU1kihzWcTYEFKEj3sIyR2Pql6NMs9jDFAMe0wBZzWqSx__puPQ7b7hvmOFN8KMLBlu109-cBVb3BliSX_BLMtJjlw2afO0McVMaOP5oViFdZsZpSxsUNybSqUysOTUtAwx3fVn_I22s4ryOajw_vvOj3kpXhPmIkEBCXxYiu84LJLtJ3s2XJPToBWBXdeO_bGURefAMVI9fR9sfduuoIu-UpOz5cNSG85yKcetIqVWQ2aK3c6pqS657BULMQwwm5Q4RZXz2Sr2Q61DJd52g-RULssLJZxMmjGqIEC5tug7KwiI5zeNkvjB1I3-SvVzmHtiN5BTXqhUBCxl8wEOKJcoS4rmB5_DNx0J-xiUvpPv_dDXUePSJ4AOG4Bu21u7WDOEO9LJ9xtTp223-AILiwXdOlp7oak12xQJhoYekZOFQtDm7vVLNc6VOlW7s1fheedcuadfpg1VtAXkVIK6XM_XgLZ-I1WmahR_s7wFRMEJQ4WYj3B2ei5abxRBX7KL1MW5zBZP5JEwBnq97gFxQiYPYSilv9mGdYqSkVx53whtWdCfPFbKEiSE4LVMuHeAuHVSM-nzEXA9Z9crWx6cCz_Cu4a0frfxJjXB3nT41TiNGOuBVMaJLCbqBtMRhCsYp_4WLsozVW_JBYl2dKhPC8m-s7F0jpBlEIbQwj8Se2AXfGZxNtwdgUL00v8eEfP32ijV7xRknGhiX3j61E6YWjCD_6_7y33BKqN3Eo6TRcjIhgak8NbQqI65VwGgOlzqHFvq7bnhoy-JRQaMamvmmZwWk2Blig9OkbehiNI9CVHzg_K7RLV_69M5fIQ0GhRhfSPf1yBZBGAKuWGbHHHGivxtOT9rRFO6zPQqc6qpkscX9sddaUHEnBBRBhg4E5kvDO9ITQZjFwf1c3RvIw5GqvLIEvDkv9ZfUpWnBhhsJqcKRwWQOkYsPs7g-QaZ5JK8dTfKDU3vg39bUStgnIQ8UzaC3fXQFs0weXPnaJv-7EbuQqYIW_ygZeHUQC7XjDmGZ4MkYx3PGdzZEJ5kKdjiLWXCHs95GrF0VtRX_a0OTJaGA8ngmTpFd0kCS7JIN039DFLii1NJNGfPYrdktAckFhBZ9lkzZQqzKzRkf0WaCLHwA-Ko5kYWJMhRHsHc6ps0iKeET4fky1CteyNtsbBMPllA4LOiUN1pVD7loVqGKxOzsa7SK5VahlHoLPTojhGlJO2XHhCWU8ksi6kNJhLNHgd-rZBL-geYF_k5EC7xqrODMpjpVbBY6p8M4b2QD47FETovoXCwe4LXV0Hquix10WRXqHA2QbzaUZn-dNIY3GxyqRvRCUT66NuivscxDpiLpZjcjt8trcdhWas_sPWm3OMrs64hgifHsNzTpeTlVfUCV5X6Dxq64X395PK3tAdAbplsaCtlBpe2uSIVaZlsbTZTn5fkVHo2loUC56dnqV58VVWJFei8eNwbR9OzNZ36bjgRvDxySXeBDDkGJov75-oj2c-pI40eaKfyKPRau_UQZQMWT3UzEOEdFaqHexsjKXNO9SK3THJZc4ff7ylB8SPjWO9Qcm5L8W7zXZjwaWqhRB7YueXFBc0jZl37p4aPcsPlLsujI6ejte7FUBziJI0L6K1B32qv3I30IM71EhZVuV5wjU1Ndmeq6nK29HUXGsNSNBYb-rzwru6qxcH_Oynm4tqAsRTdalPW76SSDFQ9WXmNtn1RQGMDdxc2qTWW4jg0moFRQsF-zT7YGGHCDQB3QKabj69zlFLfZWEvxLLyoHlECf6ZN86EDXiAeIqogmzUGAhnAmA6UjKSIO-X1lKDi-0kwFjTpO3i1VZR4V3IKWN4y7byQoad1K5GeYg0lmECubRkzrYLGsgJk4tNTdpIxU1ZoLuMB7EI1mTP4ERt-xgl3IyPdC1sSZeJcwj2w3k7WvBM-qx-GpP08CL6a_P1TOEVcGkKCoXb_KvOsP1t4WIw3omVCI87E6gKxG7_kcw7YYluqGeZHlnow8EKZxRVYS0v6IOtsednuzSyuHT70Jqqpbj-hH22WWmRN2IENi9QZs3LH7C_imHL_0q-Q3Pon_VOI6IK5BkSEnXfPoudePtLB9AZBKED7f2ApfOGTU8Yb1Zx3Yb0SmCxdvI4-xBth4_dqfkCLh3rgHcPEBXhYiNT-nN2QoWRdI1yppKNXV9f99cYeQNFx3uj50Rt4Fo6DiwFQFZLl7u6CRNHF9PUpyM8Lm8VVHOmaNyqQq0OH8AydbcWKzXsvgYJNR-3r20VtHEQNWKKYX7wlAiAx21j68C6QsqXjPN7lF1i1TqziFWwGN5Gp5NwfDHcR2iT0IAo86TlCBra0h8dsHzJyUkqxUps5bfr_taNOeAUvFCIx6YWy7cslAXr1lw4KP7qkC20MuKI1zMAbrqCqhmRghXBBGYV5cgaot6T0I-DvM0eJsIA0QRjkNgqqhR7I-prpZ9gJHBKeRMCuXZ4KSXnIXcoPyifLvN0eQSSGuzvoHtn89xXyFIPg2iQeQZr2uQJUHWEKj5mF6l4zzYJ31U26j7g6qaXH87Qm95txax921GhLBpkVKQws-xHXw_UMk_M0fL4Jzi2QU3xr8DlG0kH2AC6CIy1MTPiwjHOf0U6Qoy-Gc6GgODEJtnjdT8BsSd0WIHjkcRCk8SE9dXLa0ZABsoFdJC0Ii6jvVV6lp1iX2rzr67OaeaC_dqF1rbfKVQKUEQ&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=201170273664664770&adk=356101037&idt=1097&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e2b19f098fce70f8b9d66e94a1ba031e2bbb1b0fee039f1ce5dddbb31924f2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11230
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 994E 22 KB
8 KB 130ms
130ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 603220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D672 41 KB
15 KB 130ms
130ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AExZh6zUevbwSwiQHzd6s3RNO5Q8cxjjdhv8xmrWZEdXXymMxvaTfYOdhPcODyt7-U9Vcs00mfvR01DPGF3lSjFagLc4gjd9jTgBDObEHk7dF3GvlpFPEBvAkiioRqH1TWTG1Ea6l9la2UBd7Pt896v0PU6kE_2f3Zua8UWSMX8J42-UQ&cry=1&dbm_d=AKAmf-DEvHcQJtfcgDusPSveWm7BaeQKVmNvRMSiir8DrhIJYuuckv9TmI9KS09-FQlJLRtZnxddu2u_AMq-SGfLPrSQdscL-9SZUBgrRjju8uxj08tIBK9a3ExRWjWIznEwPdK7Yq6YZNrV2hrvcL9fTnp-nf6L9nxd6o_12-zHVkKnkZHgg9XZ_cEvz0__wR6rcDg5XrtrZBLMHnkEcg120BL_DgtMhNfX5plgBOwjFl770HdTjXrjfZdj7SjONvhz74o3isxSZH-HT81V2mi1YFSZPZ5zfMQHbIuNHMndBTH0XfnmZe3cOgcEhhuyNmbTOJPthbfEihqLylbf0sLeFHRMRE2c3tkLlRXNvk5BddNBD-gZuG1PUsfOidSO7S4pDqjwtEZDwyD1vhtdwSb02Ytg4cq7TF9OAMNX65YwK0q-BNNL91gZwuYiQLCalXfd8SbI5-7WotXurWPxIfguZkTyptS2AA__cn4dT_PmbWaWy9IbdGpdddsV-9JNWKEU3DliqTbvn3OpZXHj3x6S7OmhTplqwhSusRF336YBjBPVUq24a4w7KnJhq6zMqN1h9y0v46veK61Ifw3eR_FCOPMZF1yaRrJZicdLZziJ8Jrj_xesd2LpHBfcMk9FZAx4uSWLjVjcptBCQ3Qt2E3aJKl-BLO5JJHZQhrkadZtRvQ4q1qzKKx7HuFbX0JhyZYoTouDwc8H04uRzarAJy2FaSWeCjnWS5y8S2HHhFiRehTHEVDlCcqhchVMl_dAze3LDTeRKoDP7BQtAjcj9OL3HTB14H0Wm7UZAstehVIBoTsA_hIjuNcLTWqNoBVvueMFtMXE2m_bAHN5xbre8mkLc5BKfyWEuga5EST8Ex86VZ6MpXJF9bojGfqC4vCv01L0VdgFyBhXVDNDh51arK0mKbZW84nRmefeFYE7G9Yo4hFjkUsQD2PqZK8fCR9UtjCnELGJF5qkdYqJhVhIFNTDApsRdQvKoF1wYk0M37Sv1mffbnHN89fYw-1iJD2thfpjYyZFTALglQ9DPZ8otXFWgKRAbfYv701Lr_or_wwNK1KHSWYYhG09Rycsb7cyjzVc24qo_pUpk0wvEpSDdAIUz9vUZkQr8obEp_imUrPKvE8ZOOBNcG5_lXnFerwU75qo4Oi8_RGrq9km0xp-LLxMXoiP3ZIPIwOgtOhHt4w6kEHZOEcTO3KX6EPa4EUNZ18KFWSazy7RBgrjs-2ZbpY5o34vdTmfNfNaTwlEZsSfyyXZh-HduQ2qrPII1JjaHT9IGU5vXQ2hz9UNmdGJd7EZDepNaEsXp4z83UYgCzIno7nUKA0uV13q95kl3S3qZqGJm0cVinbsU9oY7mDZwyLYCaFM7oPpoLAqBbA7uRs9DK9gfVQXE1x8shbjIgA-0zdhw42VVmLRCCCXv6CxhrnxPT5Ev_YVmR9VH2aJZPXP_3ZTcUiA53iyYWFWXJH4de_f3ucxXCXloVKUoNpgVOcJbCK2Jz55vjotiHgO2-YUOyAojsFUTlGcOy6lPSjDai-qLLJfZ0eH0Rr-YX1chsBaaSjavwDXRVIP7twWF1z1R2SUhWEK5s1b94D4cGP0FkMSr4lkR30D6_yW8-1oFoLc2ZKQXmGriEDaLqLG3XKNicWlL90Hau2n3k_iWiE0lkHjgYK-Bw4WbkJFKIuu18si6ZUf-s9l-9DfdkUQkOkMq8E82S0HouKHvTaq9JBjpxg1nQ-bzQZsJhMvkcibATE0PPFQDTFZsPR2KiCC-gMf8Ee4J_J6Efb3lS8yCC-adTJeVgOdfGUGraImPRM1OznoVUMubZqtc5ygrrSy6EOFqB9lpy6wvPGivf14PvG2_7p5UUABnPiHsFPyUU3hc7PVwMozwe8QPxd_Y-rThygW87qpFvJ9fvUKKaaWqeErJJOWgTg0EEnLbK36laSYMRPAccp8Le2Nndm-epWl8NEmKLr7-v8EXp8r1L6wsANsTha8dM8WRAT3CKosiE8Y2kaOhlykVtQui4A3wKbS-T0wjSnLle5lD-Qj7ihwTgxvT4BHjO4vvEVgPUozsnp9V8bL44O7cQ9A7h5fd8gRFUS398zpt3YKsZvaJjuy4HocM96O7pRF11LVPhSeEor7EG5i73g_3JCrn_itU9jG6uJZdWaSElOxoTz-Z2TCE7pgJFt2RObAG-LqPsGZZSh0IHwNQrbhpVD71r0vmifbEtCfoX8L0a2wsX0G5nAlWvrCeVGjGJDAnfVHUzcdBOdNkqP40jiDKe8BGLqZHDdrSk_uojAIe1zQFKFBU7bQvFoY7dmBGsFaZ5P0-l0sIMUMi50sa7LtMZYH2YSv4k2DFYnp0HDR5K7V_kK7sne7Dv6XxDAbVkkI_rWiEqoq79oZ6FtqoCu-vmqvW1-QD78cno9w_rPQg8u91r7yj8UX2gsY7zXuEzyVXzmRT-wyFM5cKFK2yENwe_-4Am_iu0K5Iz450CAMlHhHW15WnENZ5a3692Bqhs_HHQHNZrdocWg8VQpwbvjHgrQgmQ87-wxcqnuqPVjk6gTaRuvIpM4knP2RT7I5-IAWdoPB16JRKapnFPfEjK__t8tI0dxWEifGZ-Yv9UpUbBq-vxqZNQBu5dPIf3Sn4FLwdM5AWYOvFwhgtWdsuzLkrfrafbQRGxlczO4vOL1YDZB-SHAvwUjujgE8RXZGTsfXi-Y4wxvLQtCzkfZgeC9v72i5dmJUZaGtcyQ8QA-0tSxwLfFYuU0GUOLazlZf5rxsPcjdTiDyQ3Y3i49wBJn117fkitgqSehR1TKli_MdCvZra3eFr6t_Ga1eXh07bFONF-gwHKysqheKhLK9R_CzcYTCr2k0DY6_Y2ZNOoC0jyQBQjUbRdZ59tkUz8gn8qai1yThtwmtmvij1rCVtPpdmkF6FfWhHZ8c7l8qxXeZwMFaaz8NN1iDZs6jyj2MtnuK2QYlOEoHvyovA23Z5GZ6qyKJ97hNWbuzTD41I1i59TLv4QpzMteeEm4RCqSCrfJxRsoU2Blq710BHRB2X9Qpx5M9FE4gxXL7zp69PQUwIeRd45GCd5a7DMPR-tFc64qXbNiEHsYt-k2ggj-oOBKwMYiTahtyoUlh8ls9Nk3qItbqYPHn2QhAaQYJwOdvgLMHt_Z_g9WCX8ScX936yMH9oQLRX26NynBYNENU2LilUeubpOV7850nhHSZDfQfUb3UYxzIXlC4ab7yS7zzQxuY6VYrWFDLrpwr4hka4RJOr9iYdwUMpnIuFRjIGXPceqCDRUJerNC1MrPSAN8emGRku3hGDz7LT5FvuQ3uhu_t1VGIbQ-9QbY9sEx-0hyvJvF2b0UyNse9oyWOiD5tZMnhJX1i-ZP4ojQ2FctyloYknl8Oxm_b-CWHyfw1pBa1-lBObXE7AZ7sILwVJS7X86YRZ5THqvT1wpbFl7GKlGrTvQFVNyVazDh0OyLk9JbU3X9R4RWUzRnnCa-QhNbkIPzgHN34yxkPaLNoZrVJHMBQ4Og5hPbPlVkz-acEIWWqgy7MV54Asba2pG9Aen8iagSxpuUNBhbw96t34qPoeSowA6rmFMncGI-jR7GtT3gx1Dg85QG0SjOWTFYv5ygCOIjYUahmcrmeE92M34Y8cAKylzxnuyg0Ql5K5UguHEUYz2ePRkZ4tuh0j5VGxtPKLWUegzkF4NkpKBhjKXJs6ZRxPX_-qxwUzGJd45OafwniM5RH98YEFDyHGve3woos8qDuKhH_IK0-VDbOopVBf-VfGplsujY&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=13217623457322506000&adk=250412560&idt=894&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 html5.js Show response
dsp.adviad.com/v1/ Frame D672 14 KB
4 KB 167ms
140ms Script
application/javascript 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.27
Requested by: Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1151
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB2VgQhaVHh4Yt3u2n3nrZuMmmSb%2BV9qpTnz%2FMdwCFwA9Uan8MyKDgy1H6iPjZJAQZXi%2BIg76usC1ejYnFH9OLTWBTgyDLav5%2FCJJX8qqRBT2nn0vXHFFH64Sxd3kDL3Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7dde0612bb4b30d6-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame D672 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27db52eefe4861342113ffa1ee024f98a65d44ff81f708cb45af7bf0c8b93272

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 48C6 15 KB
6 KB 462ms
157ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 210322
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 432ms
152ms XHR
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Jun 2023 13:26:47 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 10B0 41 KB
15 KB 133ms
133ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwT3cCjdduEOgFaV19DZMzLM7_Bsubl7NQkfeArFpsq2vKVDVectSC_uonMCusiYtbvPAYYIIIjrEsRroql159GZ6Kcdr-Or0q1ZnWo7VRnXKgEHrVPqDhLSQXBDnlvEbDFnhZKfAcJXR5w9fz5uqSBhGI6z8gqLpwTq1MxySlZOirBr4&cry=1&dbm_d=AKAmf-BlV1Ohoq2J9HhYtMUW8E5fHeeBU2pwIbTxwtTQKdH9kDkCHzwfuyuX4rWWCvmLN36PCVGKqt3pVvrL73NVIw3hseXDwPcz9S3EO5f59u-G7Zq9HQwDthWv2anFgcKWPSCCptmTZr9d2B1cvXiU1dztM7AOgdVfmNTg7kxMQr1t1kNRyNRg6gTUNSJ2SblyvwM9BEwmWY9ZszCprhhWZO05lE5HaWXv3X71WURsATD4j2crMMldakB0iGJb1JOE3yKERNvW5u4-h0s5M4YzR0Bg46bbwbxSYdmrJHtSzk3gRYn81vmmoLQKQ-McYwkpMOk6mBAzby1qv7tT2VNCLSveVH-uEzvxdY8z2vSGv43ip1iVAI81j80OJh9TeAQ0receq9AnggkUNcRE6Q4IRwrcfrrVcCUbigKfyWx0RsuLhbN2kktZ7TX3A7G6d8XUzDZlQgQdwXzXWFjsocYMEa_ueYM3fXNrV2ELnXmeiyFCQNi2QuYr8Lin5EnqGmEnGysikSsuvXQTWUfIXd1vF2dGgBVX_7oGv2Wr00WMKk2sS4bdLDsGozZVxM4lKcSXMvz79o07lWoqq_fTIGka1J6UFrFnHuZm0gM5LguIdw47P3iBgknhQhked6vNwj21ANVkL6D_RWnAzxCOvYmPdCet7GVK4WRwpHfvDXduRPzji6XCCu-AiB7R-UoZXvQFdnXt1Ziswo1nFIeTKcrR3S0m6UDIWMo0_32xdYLbAzJX5gAhIncLDKbv7ZKTcWgoMjizNjbKrubzCbWP_EmFCXvl5UgOWa1_PG4xS42eGa6ql44cOmEQoy_KxBXA4AqrM_FA_xxyHV7954x6oGouicJLbyyWY7lbSqRY18XoHh9Vxo1xIETdeLyXhXdrbU1Lo3DHOAOLCJddUyfrKXB2dcDd_z7RYE26zL_LVsExMmVzjGQ4fxNRNUBD0pOLV7glJ3sCVLWygjb4C8ftgeKaE76wrlZbE3QS5PdLCnJdVboPoZ6RSSPKTkUwUWm04MFwTmY-AIUVvU1kihzWcTYEFKEj3sIyR2Pql6NMs9jDFAMe0wBZzWqSx__puPQ7b7hvmOFN8KMLBlu109-cBVb3BliSX_BLMtJjlw2afO0McVMaOP5oViFdZsZpSxsUNybSqUysOTUtAwx3fVn_I22s4ryOajw_vvOj3kpXhPmIkEBCXxYiu84LJLtJ3s2XJPToBWBXdeO_bGURefAMVI9fR9sfduuoIu-UpOz5cNSG85yKcetIqVWQ2aK3c6pqS657BULMQwwm5Q4RZXz2Sr2Q61DJd52g-RULssLJZxMmjGqIEC5tug7KwiI5zeNkvjB1I3-SvVzmHtiN5BTXqhUBCxl8wEOKJcoS4rmB5_DNx0J-xiUvpPv_dDXUePSJ4AOG4Bu21u7WDOEO9LJ9xtTp223-AILiwXdOlp7oak12xQJhoYekZOFQtDm7vVLNc6VOlW7s1fheedcuadfpg1VtAXkVIK6XM_XgLZ-I1WmahR_s7wFRMEJQ4WYj3B2ei5abxRBX7KL1MW5zBZP5JEwBnq97gFxQiYPYSilv9mGdYqSkVx53whtWdCfPFbKEiSE4LVMuHeAuHVSM-nzEXA9Z9crWx6cCz_Cu4a0frfxJjXB3nT41TiNGOuBVMaJLCbqBtMRhCsYp_4WLsozVW_JBYl2dKhPC8m-s7F0jpBlEIbQwj8Se2AXfGZxNtwdgUL00v8eEfP32ijV7xRknGhiX3j61E6YWjCD_6_7y33BKqN3Eo6TRcjIhgak8NbQqI65VwGgOlzqHFvq7bnhoy-JRQaMamvmmZwWk2Blig9OkbehiNI9CVHzg_K7RLV_69M5fIQ0GhRhfSPf1yBZBGAKuWGbHHHGivxtOT9rRFO6zPQqc6qpkscX9sddaUHEnBBRBhg4E5kvDO9ITQZjFwf1c3RvIw5GqvLIEvDkv9ZfUpWnBhhsJqcKRwWQOkYsPs7g-QaZ5JK8dTfKDU3vg39bUStgnIQ8UzaC3fXQFs0weXPnaJv-7EbuQqYIW_ygZeHUQC7XjDmGZ4MkYx3PGdzZEJ5kKdjiLWXCHs95GrF0VtRX_a0OTJaGA8ngmTpFd0kCS7JIN039DFLii1NJNGfPYrdktAckFhBZ9lkzZQqzKzRkf0WaCLHwA-Ko5kYWJMhRHsHc6ps0iKeET4fky1CteyNtsbBMPllA4LOiUN1pVD7loVqGKxOzsa7SK5VahlHoLPTojhGlJO2XHhCWU8ksi6kNJhLNHgd-rZBL-geYF_k5EC7xqrODMpjpVbBY6p8M4b2QD47FETovoXCwe4LXV0Hquix10WRXqHA2QbzaUZn-dNIY3GxyqRvRCUT66NuivscxDpiLpZjcjt8trcdhWas_sPWm3OMrs64hgifHsNzTpeTlVfUCV5X6Dxq64X395PK3tAdAbplsaCtlBpe2uSIVaZlsbTZTn5fkVHo2loUC56dnqV58VVWJFei8eNwbR9OzNZ36bjgRvDxySXeBDDkGJov75-oj2c-pI40eaKfyKPRau_UQZQMWT3UzEOEdFaqHexsjKXNO9SK3THJZc4ff7ylB8SPjWO9Qcm5L8W7zXZjwaWqhRB7YueXFBc0jZl37p4aPcsPlLsujI6ejte7FUBziJI0L6K1B32qv3I30IM71EhZVuV5wjU1Ndmeq6nK29HUXGsNSNBYb-rzwru6qxcH_Oynm4tqAsRTdalPW76SSDFQ9WXmNtn1RQGMDdxc2qTWW4jg0moFRQsF-zT7YGGHCDQB3QKabj69zlFLfZWEvxLLyoHlECf6ZN86EDXiAeIqogmzUGAhnAmA6UjKSIO-X1lKDi-0kwFjTpO3i1VZR4V3IKWN4y7byQoad1K5GeYg0lmECubRkzrYLGsgJk4tNTdpIxU1ZoLuMB7EI1mTP4ERt-xgl3IyPdC1sSZeJcwj2w3k7WvBM-qx-GpP08CL6a_P1TOEVcGkKCoXb_KvOsP1t4WIw3omVCI87E6gKxG7_kcw7YYluqGeZHlnow8EKZxRVYS0v6IOtsednuzSyuHT70Jqqpbj-hH22WWmRN2IENi9QZs3LH7C_imHL_0q-Q3Pon_VOI6IK5BkSEnXfPoudePtLB9AZBKED7f2ApfOGTU8Yb1Zx3Yb0SmCxdvI4-xBth4_dqfkCLh3rgHcPEBXhYiNT-nN2QoWRdI1yppKNXV9f99cYeQNFx3uj50Rt4Fo6DiwFQFZLl7u6CRNHF9PUpyM8Lm8VVHOmaNyqQq0OH8AydbcWKzXsvgYJNR-3r20VtHEQNWKKYX7wlAiAx21j68C6QsqXjPN7lF1i1TqziFWwGN5Gp5NwfDHcR2iT0IAo86TlCBra0h8dsHzJyUkqxUps5bfr_taNOeAUvFCIx6YWy7cslAXr1lw4KP7qkC20MuKI1zMAbrqCqhmRghXBBGYV5cgaot6T0I-DvM0eJsIA0QRjkNgqqhR7I-prpZ9gJHBKeRMCuXZ4KSXnIXcoPyifLvN0eQSSGuzvoHtn89xXyFIPg2iQeQZr2uQJUHWEKj5mF6l4zzYJ31U26j7g6qaXH87Qm95txax921GhLBpkVKQws-xHXw_UMk_M0fL4Jzi2QU3xr8DlG0kH2AC6CIy1MTPiwjHOf0U6Qoy-Gc6GgODEJtnjdT8BsSd0WIHjkcRCk8SE9dXLa0ZABsoFdJC0Ii6jvVV6lp1iX2rzr67OaeaC_dqF1rbfKVQKUEQ&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpastelink.net%2F&ds=l&xdt=1&iif=1&cor=201170273664664770&adk=356101037&idt=1097&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 html5.js Show response
dsp.adviad.com/v1/ Frame 10B0 14 KB
4 KB 163ms
162ms Script
application/javascript 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.27
Requested by: Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1151
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbNGUg1UyiuknLIocq%2B1wbMNanV9C4yJ4NldRp9wntQ3Sui2ejC0IUXUhpDea7C2X%2BiVRcCw%2BFGKHeiu8UYkK26OZeCHPIhJVSJUUpqoWNPZeKusFPa6pHdxtpMJV2gLhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7dde0612db8030d6-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 10B0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4f213bb4122740c4523663e6cdcb4dab2169915f80293cedca72e0551cd249a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 994E 38 KB
14 KB 131ms
130ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 06:29:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 168ms
168ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306220101&jk=2462141144769339&bg=!cHOlcyfNAAYQ3eRoMN07ADkAdvg8Wkzfbe4tCBMNctVPgC9XtPhQApsbJssMi1OQHh0ZUcBbZoXrw1hCXAlehUHM7hHUlec_F2cCAAAAWVIAAAACaAEHmQKYb4yYSW6MT7Vkvc0djKBVIZPhzR7bB0E7bD9QHKzX2cdmlS_UC9iTkkLoO2mTqQXdUu1hNKPC62jwkIt99W6VKAg1kWtz8V1sjME1tj9eUtgYavY6DBt7xIq5EqEqM1Xsw5xgJe3V_w-BTiH9KRJsz0lj2qH_ZZMHxM3fMW-sfFa18mZzfnAFDG9CQ5y_J9YqQq7rnLPT8H9XxseaD-YtCtG_BDbAX5NEc6syZiwzm2XePPFN9Wz9kLR0nNAxXM5R36dXIBBs3NczQxX2vgeWlnExXX2mUILlREJqq_h-HDHaP3-1hfi7ecOdSC0O-0IE57Krn42hEHwBwK8xJqiq473TRE0V_HmCPC1aV3sFhlg262G_OCtXaqpGjWukT1hivK4JupHVATKy0Ar9PJJhNmBk654BcsQizZA6F_oxjzaKZGvLVlQrFh5fuoOheyKvopq47i6I773-uOGBhJixlSkGKrx3U03BqwPeKON4LOsoNK6kbtjPa2tzPEukKXhqlnwgTdiCqDW14gWUgoItduRz5P3PvcZzYCPpviCnLq_Ltjpk2rfgXTJ-hMch-zwaZ6Ek9pTxtvo2meiXoguSo0rO8FKsxGBZtoUlxma2KSLZ9EPW5hWP0qdTeFmAbJFfNjVe7cwUnavH8W_MZHr4oSJ-EgKNXU5ebwZcSucD_s3kbbzBWOhE5-UzsOeFh5x_67qTPL3cy6xALbk46NqpaHbd-fr33DFyy-iTMPtMdOOLppqhHHd_Yez4iAQ3Y1JnMiMw8SetMfCz9MTwwe1S_7EmBRHcJo5YOYuoqYloXyjrR5wo7XyLAtZbMDw881vyiZWmJcYeMMPR1TZkQtVBchiCz5MabULDIljvzCV2a7WLv93S_DtsiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/ Frame DA7B 3 KB
1 KB 152ms
138ms Document
text/html 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/

Requested by

Host: dsp.adviad.com
URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fd0c74e433ba44c32ff15446692279ffdc71cbe9735f03cdd687f488d0e303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 177464
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=304800
cf-cache-status: HIT
cf-ray: 7dde0613ac9830d6-FRA
content-encoding: br
content-type: text/html
date: Tue, 27 Jun 2023 13:26:47 GMT
last-modified: Mon, 15 May 2023 16:43:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9%2F0JjTFtcS%2F017ai3WWz482qpvOOB60ii0dhYAH5f8XTJG0qLarR6XUDm3SswpY5FX7hysVYhD92dnmwXGg7kcvDmun2DysRkifZB95VWoOow03N6%2FpuR8reKSsGskHiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4DCB 22 KB
8 KB 131ms
130ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 603220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/ Frame 0749 3 KB
1 KB 149ms
139ms Document
text/html 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/

Requested by

Host: dsp.adviad.com
URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe76da12fade3fed2b62fcf2cebf8b09bc21382255533f6520b15b283e605f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 177130
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=304800
cf-cache-status: HIT
cf-ray: 7dde0613ac9730d6-FRA
content-encoding: br
content-type: text/html
date: Tue, 27 Jun 2023 13:26:47 GMT
last-modified: Mon, 22 May 2023 15:27:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyqzAxnIeWp9QTgFo41%2FggPbtNkBcZx1psZbCqOWJJOP0O%2FGetQy53Zga6cFcjAuqfmt2G5mlV9b6MLPm%2FyJKsTXw5pfOZlTPHleyBZcArkMQhjeLlehxyQQFuu%2F6kYmNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 / Show response
cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/ Frame 4259 3 KB
1 KB 140ms
139ms Document
text/html 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/

Requested by

Host: dsp.adviad.com
URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e1440ca53257dd63169bcd1db93836d6f823d62d9e8827c21c41f06f0010ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 177077
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=304800
cf-cache-status: HIT
cf-ray: 7dde0613ecf730d6-FRA
content-encoding: br
content-type: text/html
date: Tue, 27 Jun 2023 13:26:47 GMT
last-modified: Mon, 22 May 2023 15:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojnHZEcvquE1QBjriGykoiRs%2FJeJmCi8HsLpLCLmptxqYyP4MJZC90GSff4y1Xc30NPzprzB1zndV1dDklFnL6iKjC8KgBcnGL%2FE8bvzBvPz86TRCYm3IzzuT66hxdyp6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3D73 22 KB
8 KB 132ms
131ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 603220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DA7B 236 KB
63 KB 141ms
140ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:26:47 GMT

GET
H2 200 index.js Show response
cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/ Frame DA7B 39 KB
10 KB 165ms
165ms Script
application/javascript 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/index.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f684369b97937555ac09393e6f56dab34bf038ef01a6ba52e1b3637d1880f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 May 2023 16:43:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 177464
etag: W/"64626122-9b6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QdJVHX6NZ%2B9esw%2BNXl6f8ZJqGv8FwAPJm2Wf9LrHI3LEmHXO6CZg4QrB9ebqIoBCEQXhbXfulUrzsthva%2FF2bNUILmslbZJTP45CFgdGFzyO9WP2ZMbTMmpgyZ2RYHAqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=304800
cf-ray: 7dde0614ce3430d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0749 236 KB
63 KB 151ms
151ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:26:47 GMT

GET
H2 200 index.js Show response
cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/ Frame 0749 96 KB
13 KB 140ms
140ms Script
application/javascript 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/index.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7068ca07c5102854ac55b70080fc7a706969a21b455f59453849f988f1f59aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 May 2023 15:27:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 177129
etag: W/"646b89e6-17f66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kfjbgw7UdOLPxK1zaFE%2FRaBTZzP4IqVyAWgbaEyJ4VRJrrn5bB3xAEcd3xAi%2FxxwoyvUj%2BdY2nxANu5HmA3SYPBX40BPRp4Dd9ObCZPq8WtPdwfrhaBfqQiQ0xspyavHaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=304800
cf-ray: 7dde0614ce3630d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4259 236 KB
63 KB 143ms
143ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Jun 2023 13:26:47 GMT

GET
H2 200 index.js Show response
cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/ Frame 4259 140 KB
15 KB 149ms
149ms Script
application/javascript 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/index.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f2882338583beb4ce78746bf3c3cf84711928f0027d9500ecec9e42e116e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 May 2023 15:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 177077
etag: W/"646b900a-2319e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=228fhpK10w6PDYs0bbkiYAE%2BYr2VEaa7CQjk7SB2YDC8Tkl%2FfSi45GqiEHH3uwOZ3YuABz4DBtY94Gr%2BWRxYh23yw0GTvciT6OuxYmARjKCu4fhzOuhLM6RzZ9BIvcdLjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=304800
cf-ray: 7dde06152ecf30d6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DCB 38 KB
14 KB 137ms
137ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 06:29:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 994E 0
20 B 168ms
167ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BR828l-OaZPNJyKHuA9f-lIADAAAAADgB4AQC&bg=!_f6l_qrNAAYQ3eRoMN07ADkAdvg8Wutb9PFv0NOhAUt97xyFlMeOFICnZJPm9E_4trShmXKglxLjuC-PlIkEvVvFzQAlZH8V3uUCAAAAm1IAAAAFaAEHCgCECCO031mk3P26rqdZSEti9LYKkg3tE4JKnNL8UnaS1COYVN0TpdHjjuB7r4JMICXzJXnm6tJMuZ7VBokP7fBdBHrhnDNFjHLXER-3eY9XXJ4nXK88ozqn0wov3UncZGpwthMyQ1g35WgcwDpu8alPfkkA4OjX4RkHPd3aIeyAlGYZzYcnmQLivYjT16S0qxOh4eo4RKWYXbq9NF7ZVCBCk1MY-wzHJIEIo6U2ptoLfRwFXmmuAXEhmP11gQSdsTVnbzIRTkRjDdkUL7ME3tctSIxL0yKbHB-ok4yElJFjGUyXxPt_gRFmCCoc7UNm93v8UdiMGqACvkWL6UB-rMG0A5X_sSnOWBKhBRNHiVAiE9R6-QGwOzTD644GGDGy2s2vPGBLY8i2BFETopVaHdS2zpJSQvO45FwAUAxWPRBxCGgWIPUQjZSp3VPV_jBV-j_IJ0EV1_x-E9GZJLrH_HolwN192mnBh9uMWPiEm1-Vjiu-Tj1MBJX41deQbpy6mKUO9X1hH87Cdwl17fogo9d14uAMSyqet9i2-OkinNBp8dmgBlDMt_0URi_tDMmgphr1VslQFK0OCv08JR9469BKA0hwW1hyYg85mEo5KSVWNDNLAo-Oi2EXiPVhvjk_1D3gOLS2I6J06dfDGp8uGZe_kAIdXibT9SB7AW9bH7Ajr6rkyDOYv_wKgP69Ubvingeb1x4LbmLeh4cjirOb-5hZaTYycuG6E6RtBsmDRcLRfxuZ_b42jTirSxSJ8fRVIPpRN4K8mKks30PtiwVFCGRNPUS9x7P0Trn0ceeYwi0bXVTkwTW-1bQbqt8eqAs6AHXU6BKiRY_1sVwmSidW0DkuWG17kDJ8J2ytQO6sJLySgQaGq4f534KmTgFcSrHRuQn-9a2GFlzvhKdupbus1bnrg2oHj9gIhS_F3a3YdNYtL-G2DoFyZrOpJ5U02enUa1EZO9s2h_PS0nFd9tFDKTXh8JB5z_7vy-AzpzbJCg3wFjJ3gcWaP3HSlV8EuCYUtC7lm2fywH8Ee6T3JYUhlglrwJW78mBXH7MbcsWoziRasXlPlAPfU86Ks0fnisK3poVspSsaivZI6pL4AwGqPIN6r_uggikYsxNxd2x6-V1FW6WCn_gAFyWrl2VAt3rk1ElZaKBuaA6WF1t8

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D73 38 KB
14 KB 130ms
130ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 06:29:06 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 48C6 433 B
561 B 152ms
152ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1212e410d8a426f4123309be201238e337454cb511337df12ac92ea571cf9c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1239113
expires: 0

GET
H3 200 Dodgeball_bg.jpg
cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/images/ Frame DA7B 109 KB
110 KB 148ms
147ms Image
image/jpeg 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/images/Dodgeball_bg.jpg

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9b6b4cab6ad3b4b3fddd7e3e147cb6aea4e2a4e4b8a73e1991da09ccb31fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177139
alt-svc: h3=":443"; ma=86400
content-length: 111818
last-modified: Mon, 15 May 2023 16:43:14 GMT
server: cloudflare
etag: "64626122-1b4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rY4mMkp8JJc16wl%2BjIdBeYtrgQyKq3O6y47lbekLCP1KzpfTkRryKAkMaC7LISqJyCvVUK3qPN29q82JN%2FzZH38I%2BUeHNxTidwYqJVL1vL2xXbT6cWmk%2Fzdjjqb%2BiFjsTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7dde06161bbb90d6-FRA

GET
H3 200 bg2.jpg
cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/images/ Frame 0749 32 KB
32 KB 270ms
269ms Image
image/jpeg 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/images/bg2.jpg

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51cf16e8528b144b1cc5e7bbea4e42d78933025647fb7e9cfae3b1ea25e843cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177570
alt-svc: h3=":443"; ma=86400
content-length: 32417
last-modified: Mon, 22 May 2023 15:27:34 GMT
server: cloudflare
etag: "646b89e6-7ea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhAJIxGD1FSvG9ta6XcL4iV4TSXplLT4FH6Gg9QUltlarwG%2F0y0eEi6d8WmRd0Lx7UG74PbZvWHMip4a26t%2Fb5LkhrMpDn5g%2Fh325b%2BXgwoEI8pZ7WGibfs6UW58OU%2FJDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7dde06162bd190d6-FRA

GET
H3 200 bg.jpg
cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/images/ Frame 4259 17 KB
18 KB 1180ms
1180ms Image
image/jpeg 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/images/bg.jpg

Requested by

Host: c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
URL: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ced749e6ec290955032e192d47b50488d50aec6a29a3e748047b9e3ae6e2ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177214
alt-svc: h3=":443"; ma=86400
content-length: 17434
last-modified: Mon, 29 May 2023 15:43:16 GMT
server: cloudflare
etag: "6474c814-441a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0372eUxEdwJ%2Brto6HL4LK4gKEC1%2B6ngWOTISsgxxoiFbMIH5u556CAvNWhsx54HahrOxAEzubRchfSpxaAArEqF8R9h6BAraD4gW1CU%2BihHaum7Ee3GnYrDHkEFrr8Jbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7dde06169c4d90d6-FRA

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 8773 9 KB
4 KB 412ms
136ms Document
text/html 13.32.99.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-30.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 33113
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 27 Jun 2023 04:14:56 GMT
etag: W/"481f0eb11193eeaea6a690e5c66c57a4"
last-modified: Wed, 07 Jun 2023 17:56:33 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-id: a6s3GJNdDbn5jCwJZuQGZEch0XeXGkGfRG47vWST8CiwBhUqCPuz1Q==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0c92ffba-51e2-4731-859f-5f9f5816d5c0
x-amz-meta-codebuild-content-md5: 0784681e688ba45904ac0a64aa0b0a6b
x-amz-meta-codebuild-content-sha256: 956b79d89029f14eaea1f363768b0942a0576bc42557ef6c8f6cc53fdc4d8515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2387 16 KB
6 KB 413ms
133ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78291
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 27 Jun 2023 13:26:48 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6DB3 4 KB
2 KB 134ms
133ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1687872404830

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

9e9361bb18dfffacc0900be3b2ffef287c8f4845fd38cbded420dace069160df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1378
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 usync.html Show response
u.4dex.io/ Frame 9861 822 B
1 KB 415ms
141ms Document
text/html 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 1fb7230ee1cb4c4a7c4ba1f7224f971d1141dd39672b690b509987c90c062dc0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 822
content-type: text/html; charset=utf-8
date: Tue, 27 Jun 2023 13:26:48 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E2EA 52 KB
17 KB 499ms
196ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 27 Jun 2023 13:26:48 GMT
ETag: "623de86a-cf34"
Expires: Wed, 28 Jun 2023 13:26:50 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8C07 37 KB
12 KB 460ms
159ms Document
text/html 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d3cc545b13c620185641a001032efb70ac22e30d99c0ae8b534ac1bf2cf0569d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=158390
content-encoding: gzip
content-length: 12238
content-type: text/html; charset=UTF-8
date: Tue, 27 Jun 2023 13:26:48 GMT
expires: Thu, 29 Jun 2023 09:26:38 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 552F 281 B
554 B 381ms
123ms Document
text/html 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1687872000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Jun 2023 13:26:48 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0F6B 42 B
174 B 171ms
168ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvp3aAXOaENywGVIb0a2zIsjmprVkp_mLVEtwAsbPsBrcoXVCpi2rLrKepBfjOtvsN1ZprxpYJYDoVZFh6x7z3Dv2xLJA6Fn1d5u8arZ40Mp0ntcwqE9CuwydK2ljO&sai=AMfl-YQHgpH3Yr0Ec_PZSEnKkzyvk5a_KhVml5pyt6PFJ7-JmqD8nJV7OOSyw9jyHunuUtwvnUgOoS_-spsstc1h8d5c1X82UhHhy1UmJGU4qo_H275LHgL96W80c4jnBLjUhBuDbrBmtdWwkOD2&sig=Cg0ArKJSzIjYljRvN6y2EAE&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&id=lidar2&mcvt=1014&p=350,495,630,831&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3944560474&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687872405957&rpt=1193&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DCB 0
20 B 170ms
169ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWKqjl-OaZKGiD5D_gQedurmYBQAAAAA4AeAEAg&bg=!REelRxPNAAYQ3eRoMN07ADkAdvg8WlpvQI2f9Y5nVnz_K9I-jgP74o3HBcark7fQYqh6tGOsEQ-rP6tfyBQjf7oqsVHRSyU9BFsCAAABBlIAAAADaAEHCgA4IZtJNpAlo6JmAdKRF3FN4Q6fpfWfjzAhEiE3kNweYNrfOfgzHHuaTtppdkZtYfE4baH8E6vrOi-ZAvEWd0cZG0TZ9bg7znuJbaD30cE5yfwgZDDTg_zIs4e8pfknh2D37izLEIFxHifdKNOeOuopitY5srKF4Lp9m2817lohaIce4yDwlxQHQwg9iiPRtlCF96PkGvwZzl2fm1ux2fa7lsLx2_U5NuDcCsYaQe7cB_l-iSWAl2M10wb9q5ms2HsigdCg1JmMFwzqRvm6JDmmkbc80sIk97OSPDfmmUyNbvVSWViTWnJvm50ytXsfKpGI_StEylMxbU755t3bIsXdrAdNTwUgxLdSz5zVQTpNOV5PYaI7PSTueBBqBKzT-MPkCu-vrhMBmfFS1fEsBwICHmnnVtf8B8gRnk9Pu5SKOBt4qmQ7klGC_YOT9DJcmu1xOO8eCgSphy8ltdL7u796DVEg3q0QBz0EQ9G8zIIoFmDW3L2dqR3UHKfhXgrErFfkaVRinL8epvCOcUbbAAkAtWDCwtZaRt6XQiZ4AWVZHxhPVlGZ0uji8BNM0Df3coPO3SWBNmrKI7En955q5iP4hxseMCCnhMP9RRMKzHOGQsMKpCH6Y8z6MYt7ZXIySy69eREpvaRKk5qGjGJJF4fechGedQ6nqw6bH2FaKcPaEYQFgWQeuFiPUuljJ7KF-7-ol6jnBCH9PwgeVtncK1XhKN_Z4xbkc6yOaHCvPDpS_DiwUYfPQY8CxKJDOUwsI5jUl0fXHQMZfc_e7mSwSQVKYfdm6sFfs_NNefdFCs9giHrOSZxOZ02-JvzVxOFdXUECiJuXgV9Zy42dDKtMKwFKYmz1XhhNPf7HnvfEHmqefnTNlPr5UAL0Hrl76SzobESr8hQt0qCYXvSvgwgn42r8rFgcQGiVItWp59IcC5LZDnz_nJHjyRZw-OTWwT8H_kXLe-vNybWif6XID50ewnA-Yaof1aEI2ZTKD-zrepDgml1O0QYFXqLduLO30WHUMtd59NiWyGsKjW_U9JYXlxPAotWoEnJNjLAVUwzl0lh9gfpGKIuy6DP6Mi-kBg8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D73 0
20 B 168ms
167ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BufmIl-OaZJmvENT_gAe3yrCIDwAAAAA4AeAEAg&bg=!Hh2lHUnNAAYQ3eRoMN07ADkAdvg8Wgz24Nkj0HZectLtZHs1vrSKg9BUgRi6mdaxMdKWHCFYAD4IHkQv7SEEtfGGvHZ5hXzQ-pwCAAAA6lIAAAADaAEHmQLsf7fdtlwRM4axifMJRbDZrkOezzH9pZWWGAoV8yvPfT5cGbeRnzDxVhTGCsoR9KWPndmge_9X2YoOWQGIz2zhNyo8UEwH-ZSUBUzcDVjhxnxnT3FGRy_5d8_2W5w3jNlogtudcDFxHQZfQs4kXHnCJl8w6F6ocP6Bx7nyYRXaXb38VvGdteI7vJcntmyNXrJA2hHdvz4QDn9GI4OxkQERHS3a5sTWfO0XfRgsv1iajDq4pURC4qPTiirh7XtaDAdeB0qPxVTWBhbBEd20rF4u37P1wPvaIFfC3cuzDvE-Y6bNNmlU-bbDU8Mc32oYSG446w7WM3qKFbuVTnOJSuJ6wNdMO9Jo6BSiO2UVJ7UESGZIiXG1uHD97Wbpzu7u70BkI1htiyrJJXnwOT-IQ8p6M84_7A3BMTEVsoUpQZbAo-sBHCVnnIY9ApYKny6fB04xFTusdGegsYp28wo-e4SEb6ebsuGVSq6bSTbQYuwlaBq43TM47ZyYoo519z3SuwWDD8nFHQE-OrIPnxz_dXrsaJV0J7xDwIdCu3h5nOiblbz3vhFdsqXtO1GJTm5KbhrMzdUV4XYjoUoCPn47lhHUHF0ao-T5_JDCFIJc1R39qR0fRBKHTSIg2BZ0gq4gBK0sncgf9LdcJQlt5GEwAKe8yBxR14LBFz1ftkwc2KhFsqjOTNIZ2aG0IgV2R-5t0RMp7gnz1biPYyAHrTKLVGdWIY79nwxlhqNC5szCF2nrW1ulGPm8BO5Y3gzNAlsfN_BwH-PL0dDgfbv_y-DEVgNzIBnucANHoJau7na3B6oAlePujOnVgZqLQsd0rzmDuRc32BiFzRjZsfVPKWHtcHWiL0InA580TW_oekT4c7DF8EX_Gf5l118UPaXMpgrtTESpVeyNwJkkIiyjEz7zHiCb8k1SP3rOAHub8FYa0Shx7FOJXu13iPupN3YCVHEZK0-7zGPEy54wMS1LMAclrDpQievMpUCDIYjkR1qkuQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 6DB3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=

0
291 B

131ms
131ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 27 Jun 2023 13:26:48 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x2 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 27 Jun 2023 13:26:47 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6DB3 0
239 B 600ms
137ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 6DB3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229

0
291 B

135ms
134ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 27 Jun 2023 13:26:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 05d8099e-dd74-45bf-ae57-2b06d8e70f53
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 6DB3 42 B
679 B 565ms
138ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=IYRG3_jIkcjSA-Bl6IO_i7Z6k1K0wYWTCpN5JJT7HlU
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DB3
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JCxcABufFVUx_qsAywkRBgrqCu3FHiw

170 B
188 B

143ms
142ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JCxcABufFVUx_qsAywkRBgrqCu3FHiw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JCxcABufFVUx_qsAywkRBgrqCu3FHiw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ Frame 6DB3 0
45 B 845ms
139ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 6DB3 0
0 415ms
140ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6DB3
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=z1jzyHAfh78g3H5gOmi-17Yeao8xbiwAca1pX5VdmZw

43 B
479 B

915ms
222ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=z1jzyHAfh78g3H5gOmi-17Yeao8xbiwAca1pX5VdmZw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZJSRBNT944S1NA268JJQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=z1jzyHAfh78g3H5gOmi-17Yeao8xbiwAca1pX5VdmZw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 6DB3 0
42 B 443ms
144ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:46 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 6DB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

0
291 B

133ms
133ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 6DB3 0
15 B 441ms
143ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 6DB3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=cc169d7d-d00e-40b6-9847-dd3bb9dfe412&gdpr=0&gdpr_consent=

0
291 B

131ms
130ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=cc169d7d-d00e-40b6-9847-dd3bb9dfe412&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=cc169d7d-d00e-40b6-9847-dd3bb9dfe412&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H2 200 sync
x.bidswitch.net/ Frame 6DB3 43 B
146 B 432ms
137ms Image
image/gif 35.158.13.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1687872404830
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.13.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-13-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D672 42 B
108 B 175ms
175ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8XmdXyTXYTyLDvSsmmo5JNmctZqbqPICkVFuPZCvhZxuOD2T4JlsCWUB9kNJ8W0yvg2tSr9D_DklrDd0sxtm51jCT7MsEYkZGJGOCZLF7WTcGwquQDXbGl78mu5J6&sai=AMfl-YQKZHGq1qSPolws9C6RUnLQc4qk_cowH2NssydG4pncTVQTi9LE9nn-9vVYDGbps8-fgnU3lZUNBAjU57aIIIPgXyjLfn4-YWWdOB25tHa1wQg7Ww-ny1znaf2_G5tyEheyT41sgNBlG1S5&sig=Cg0ArKJSzOo5PEEtt5AXEAE&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&id=lidar2&mcvt=1000&p=473,1078,1073,1378&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3798138915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687872405964&rpt=1434&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 10B0 42 B
64 B 171ms
170ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4Z_s7jN9fqVE_0NAUyuAep4-zT6iTy5q1W9AhKb7fPYfMWK76PCgAOhK5Qxc1AVRm0hwglAYRrKghKiZMgQE5difo13DdnrJ5zHn0l47DZp24YTBAuQrRdddgZa9O&sai=AMfl-YTMox57Zh1RBzW1z1fjGUexZN_dP_b4MCbHkwaozcKgy1xIRsWhokUDeupTfffQJL5rSpQnTxUEpmNrtylzjFciymiDweIdLm0F5WFG18GjfsMHbKSE_qWaHZqAH_09Mgac_-3Mzgo4Eb7s&sig=Cg0ArKJSzNDallb55UnQEAE&cid=CAQSSwBygQiDW1Pg8vmhQBVM30a0XuJCrqamd-XgpnCDHPrNYKXZLwvzXf1zzy6JlY4gFHSP4aIcMT4Q3-q7FCcq2QB2f6U92NXsXcX_YBgB&id=lidar2&mcvt=1000&p=1105,315,1195,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=840525636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687872405927&rpt=1532&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 552F 34 KB
10 KB 140ms
140ms Script
text/html 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbb7002392343b953914d18e2a7d8af24b5bf3da6bdaeffad52b10633ac1592f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 13:26:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jun 2023 07:33:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65202
Connection: keep-alive
Content-Length: 10112
Expires: Wed, 28 Jun 2023 07:33:30 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 9057 4 KB
2 KB 488ms
158ms Document
text/html 108.128.170.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-170-101.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b8a42aa19b2491968f6db683964394a1d929215c302df25779d1a4d67bfd621

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 27 Jun 2023 13:26:48 GMT
etag: W/"0ea115c87f0c5aef369c88f40a1783e49"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 45EB 4 KB
2 KB 142ms
142ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

d8485cd5670997b69a028f15909601814cc1b90f133cd803171c390826004eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1397
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame 63BA 0
0

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame ADC7 2 KB
2 KB 409ms
133ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 1031af62f6a37f1e34ae280d28f701a6992fd0e6a5adeba16a347290efb6c8c4

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1617
Content-Type: text/html
Date: Tue, 27 Jun 2023 13:26:48 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 53ED
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

250ms
126ms

Document
text/html

104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Jun 2023 13:26:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Jun 2023 13:26:48 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B666 16 KB
6 KB 150ms
143ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78291
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 27 Jun 2023 13:26:48 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame C0DE 146 B
764 B 491ms
176ms Document
text/html 99.84.88.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-77.muc50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 393492ec1c1a44ba42c2644f06b02c6cde5230358ffae108ab1f6158d012c61c

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 146
content-type: text/html
date: Tue, 27 Jun 2023 13:26:48 GMT
server: istio-envoy
via: 1.1 acc9aed747aea07d6138203ddfb2dcd8.cloudfront.net (CloudFront)
x-amz-cf-id: sw0Aq0uY7eXdMDJqHtKr9jZ5AVW2ZOZXwXtdYZZyCzpCi_d7h2ZHag==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 4

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 2B08 635 B
1 KB 471ms
156ms Document
text/html 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 876935edb3629294643f6cbdfe4fa357d09b26b91fe9b4087466c74edceb0950

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 635
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Jun 2023 13:26:48 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame F12F 145 B
600 B 703ms
223ms Document
text/html 3.227.148.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.227.148.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-148-228.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: ce1543fc2e76948f2f7f64e1f02bf6c019954651e3830b931296135c07428b06

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 145
content-type: text/html
date: Tue, 27 Jun 2023 13:26:49 GMT
server: istio-envoy
x-envoy-upstream-service-time: 1

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame DF7D 17 KB
6 KB 485ms
120ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (sof/4387) /
Resource Hash: 959b323d6d404b16646fff656d108c0ef6079419e6a5536ff04f24b69a706d67

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 190
cache-control: max-age=900
content-encoding: gzip
content-length: 6056
content-md5: BWNiLq3WgjMFnqlZeqylmg==
content-type: text/html; charset=utf-8
date: Tue, 27 Jun 2023 13:26:48 GMT
etag: 3c7cbe5d-b074-41c0-9aea-5feaec65b4f6
expires: Tue, 27 Jun 2023 13:41:48 GMT
last-modified: Fri, 09 Jun 2023 15:10:42 GMT
opc-request-id: iad-1:Yglp2tmC0Qv6QBhRcNXNpugCJIvTtBmJw18gI7TIGszgllpS6AHwPCTa-815hHEm
server: ECAcc (sof/4387)
storage-tier: Standard
vary: Accept-Encoding
version-id: 54260ee6-b896-4a59-bf66-caede0de27cf
x-api-id: native
x-cache: HIT

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=4356117347549946229

0
345 B

161ms
157ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=4356117347549946229
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Tue, 27 Jun 2023 13:26:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4e8ed5a2-5063-433f-8415-338959cc7e07
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=4356117347549946229
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=G4tGtRZHZUicU8xyS-ir7KKw

0
350 B

158ms
158ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=G4tGtRZHZUicU8xyS-ir7KKw
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=G4tGtRZHZUicU8xyS-ir7KKw
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&uid=G4tGpLZHlqwSirHqSCGMnSh2

0
350 B

158ms
157ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=G4tGpLZHlqwSirHqSCGMnSh2
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Tue, 27 Jun 2023 13:26:49 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.servenobid.com/sync?pid=310&uid=G4tGpLZHlqwSirHqSCGMnSh2
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1687872408970
https://ad.turn.com/r/cs?pid=45&rndcb=6672761223
https://sync.1rx.io/usersync/turn/3943491944002129294?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003
https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003

0
362 B

158ms
158ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003
date: Tue, 27 Jun 2023 13:26:50 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX73782c36bb25407180c53b7f5ea943cd003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5140084925853887675

0
345 B

159ms
157ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5140084925853887675
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5140084925853887675
Date: Tue, 27 Jun 2023 13:26:49 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=866b46e0-a172-485a-aa1d-59791dd4cd69

0
357 B

159ms
158ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=866b46e0-a172-485a-aa1d-59791dd4cd69
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-167
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ads.servenobid.com/sync?pid=332&uid=866b46e0-a172-485a-aa1d-59791dd4cd69
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET

cookie
cm.adform.net/ Frame 8773
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D85da6e1b-beab-4a1a-ba61-00aac8b3eee4%26bidder%3Dappnexus%26cbx%3D...
https://prebid.a-mo.net/cchain/0/466?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=85da6e1b-beab-4a1a-ba61-00aac8b3eee4&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&u...
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D85da6e1b-beab-4a1a-ba61-00aac8...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A

0
366 B

163ms
160ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A
date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif
us.shb-sync.com/ Frame 8773
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-b90f842e-3758-30d0-aef7-3e5a8ebee960&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 8773
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
https://ads.servenobid.com/sync?pid=339&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A

0
366 B

163ms
160ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A
date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 8773 0
361 B 1699ms
146ms Image
text/plain 3.76.139.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.139.6 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:50 GMT

GET cksync.php
hbx.media.net/ Frame 8773 0
0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2387 5 KB
6 KB 460ms
150ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62678261&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fe3c59bc6fa22de9f0b1461b7b121a849849e9b764fec5afe2b14420effd735c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 27 Jun 2023 13:26:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2B3C 16 KB
6 KB 131ms
131ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: u.4dex.io
URL: https://u.4dex.io/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://u.4dex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78291
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 27 Jun 2023 13:26:48 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
gum.criteo.com/ Frame 8C07 88 B
343 B 152ms
151ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

89db9e2aa2b88d6f8f71bf3944d2760c3fd165041484a733ac3a9fa09b43866b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 953230
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 894E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

125ms
124ms

Document
text/html

104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Jun 2023 13:26:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Jun 2023 13:26:48 GMT
location: https://eus.rubiconproject.com/usync.html?p=medianet
server: AkamaiGHost

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame ACD5
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Drkt%26refUrl%3D%26vid%3D787240864233087400842677570...
https://contextual.media.net/cksync.html?cs=8&vsid=3308740084267757000V10&type=rkt&refUrl=&vid=78724086423308740084267757000V10&ovsid=5108559728436596582

235 B
660 B

301ms
301ms

Document
text/html

88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3308740084267757000V10&type=rkt&refUrl=&vid=78724086423308740084267757000V10&ovsid=5108559728436596582

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 235
content-type: text/html;charset=UTF-8
date: Tue, 27 Jun 2023 13:26:49 GMT
expires: Tue, 27 Jun 2023 13:26:49 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Tue, 27 Jun 2023 13:26:49 GMT
Location: https://contextual.media.net/cksync.html?cs=8&vsid=3308740084267757000V10&type=rkt&refUrl=&vid=78724086423308740084267757000V10&ovsid=5108559728436596582
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6528 16 KB
6 KB 136ms
133ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dpba%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3DPM_UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78291
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 27 Jun 2023 13:26:48 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cksync.php
contextual.media.net/ Frame 8C07
Redirect Chain

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3308740084267757000V10&type=son&refUrl=&vid=78724086423308740084267757000V10&ovsid=[UID]
https://contextual.media.net/cksync.php?cs=8&vsid=3308740084267757000V10&type=son&refUrl=&vid=78724086423308740084267757000V10&ovsid=ac3d77aa-97ab-4673-bd55-0eca95f6420a

61 B
472 B

173ms
173ms

Image
image/gif

88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3308740084267757000V10&type=son&refUrl=&vid=78724086423308740084267757000V10&ovsid=ac3d77aa-97ab-4673-bd55-0eca95f6420a

Requested by

Protocol

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 13:26:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 27 Jun 2023 13:26:49 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-98
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://contextual.media.net/cksync.php?cs=8&vsid=3308740084267757000V10&type=son&refUrl=&vid=78724086423308740084267757000V10&ovsid=ac3d77aa-97ab-4673-bd55-0eca95f6420a
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET cm
us-u.openx.net/w/1.0/ Frame 8C07 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 8C07
Redirect Chain

https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dr1%26refUrl%3D%26vid%3D78724086423308740084...
https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dr1%26refUrl%3D%26vid%3D78724086423308...
https://ad.turn.com/r/cs?pid=45&rndcb=2819627084
https://sync.1rx.io/usersync/turn/4015549538040057230?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003
https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003

0
362 B

158ms
158ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003
date: Tue, 27 Jun 2023 13:26:50 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX73782c36bb25407180c53b7f5ea943cd003
content-type: text/html

GET

cksync
cs.media.net/ Frame 8C07
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMwODc0MDA4NDI2Nzc1NzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEK-GXC19E5afP_emSIwV4cs&google_cver=1

0
0

GET ping_match.gif
pm.w55c.net/ Frame 8C07 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 8C07 0
0

GET

getuid
ads.avct.cloud/ Frame 8C07
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet

0
0

GET /
b1sync.zemanta.com/usersync/medianet/ Frame 8C07 0
0

GET sync
rtb.mfadsrvr.com/ Frame 8C07 0
0

GET

cksync
cs.media.net/ Frame 8C07
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=92c21ac3-d254-493b-ac90-5e485f33b461

0
0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E2EA 0
862 B 129ms
129ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:48 GMT
AN-X-Request-Uuid: e9aab7a0-194b-4e80-afe4-20d629856826
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45EB
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDNX73KT7bZFPxm_xslVVWytetL8h5Q

170 B
188 B

172ms
163ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDNX73KT7bZFPxm_xslVVWytetL8h5Q

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDNX73KT7bZFPxm_xslVVWytetL8h5Q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=

0
291 B

134ms
131ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 27 Jun 2023 13:26:48 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 27 Jun 2023 13:26:47 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LJEBNELO-27-CVXB&gdpr=0

0
291 B

132ms
130ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LJEBNELO-27-CVXB&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LJEBNELO-27-CVXB&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4356117347549946229

0
291 B

151ms
131ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4356117347549946229

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 27 Jun 2023 13:26:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d63985e4-49ea-4d60-8a06-ae9e0210871d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4356117347549946229
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 45EB 42 B
679 B 256ms
132ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=z1jzyHAfh78g3H5gOmi-17Yeao8xbiwAca1pX5VdmZw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=5814993726178313858

0
291 B

131ms
131ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=5814993726178313858

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=5814993726178313858
date: Tue, 27 Jun 2023 13:26:48 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 45EB 0
0 154ms
146ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 45EB
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=agXMVfUcGIIepHrZTMm1n1PPjj3v3qqltH5CSg_il74

43 B
479 B

813ms
218ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=agXMVfUcGIIepHrZTMm1n1PPjj3v3qqltH5CSg_il74

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YAZ6W4CA40N5XC2JZ657
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=agXMVfUcGIIepHrZTMm1n1PPjj3v3qqltH5CSg_il74
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NENFMDQxOUYtQjBDNy00RUM1LUExOEEtOUFCRDIzRjRDRjM1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

223ms
222ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
date: Tue, 27 Jun 2023 13:26:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

0
291 B

132ms
132ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A

0
291 B

135ms
131ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A
date: Tue, 27 Jun 2023 13:26:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 45EB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=94f44cfe-466a-4f2d-a61d-583ddc95f0d1&gdpr=0&gdpr_consent=

0
291 B

131ms
131ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=94f44cfe-466a-4f2d-a61d-583ddc95f0d1&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=94f44cfe-466a-4f2d-a61d-583ddc95f0d1&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET

sync
rtb.mfadsrvr.com/ Frame 45EB
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=&us_privacy=

0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 45EB 0
364 B 164ms
156ms Image
image/avif 54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=z1jzyHAfh78g3H5gOmi-17Yeao8xbiwAca1pX5VdmZw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET token
token.rubiconproject.com/ Frame 552F 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 552F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y18i3kiyTbCWugtTbzjy4Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y18i3kiyTbCWugtTbzjy4Q

43 B
479 B

229ms
229ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y18i3kiyTbCWugtTbzjy4Q

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RD4DAAG60PJX476DDGTW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y18i3kiyTbCWugtTbzjy4Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 552F
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=&expires=30

42 B
679 B

135ms
134ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 552F 0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 552F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpgcAdhxMxR-hHQwC1t8d8&google_cver=1

42 B
679 B

167ms
133ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpgcAdhxMxR-hHQwC1t8d8&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOpgcAdhxMxR-hHQwC1t8d8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET log
c21lg-d.media.net/ Frame 8C07 0
0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F6B 0
20 B 169ms
169ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=830434323246&version=m202301230201&ct=77&x=1&cor=331191194760030400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D672 0
20 B 166ms
166ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7474404332486&version=m202301230201&ct=77&x=1&cor=13217623457322506000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame ADC7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

248ms
248ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9HV10G1YY8FD4CD11PC4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BSJ376A9A0HVDJ9DVCY1
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

rum
dsum-sec.casalemedia.com/ Frame ADC7
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=528cf246-8d95-42b9-9253-94afb96d9c90&expiration=1690464409&gdpr=0&gdpr_consent=

0
0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame ADC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzhkK4-KddJCGVZH5AcRPw&google_cver=1

43 B
632 B

131ms
130ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzhkK4-KddJCGVZH5AcRPw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzhkK4-KddJCGVZH5AcRPw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ADC7 0
0

GET ie
match.prod.bidr.io/cookie-sync/ Frame ADC7 0
0

GET

crum
dsum-sec.casalemedia.com/ Frame ADC7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2020966254788010785&expiration=1689082009

0
0

GET

crum
dsum.casalemedia.com/ Frame ADC7
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4356117347549946229

0
0

GET index
dmp.brand-display.com/cm/api/ Frame ADC7 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame ADC7 0
357 B 159ms
157ms Image
image/avif 54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H3 404 golge.png
cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/images/ Frame DA7B 548 B
548 B 499ms
481ms Image
text/html 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/images/golge.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVUVmoLVIYkPA0%2FocAQkYoEj94m2l8LmViobM9Tuoab1jH1M76iK%2BAIv0n0qQC19d3bT5xo6nfUhnI91FhN6fT2NbV0HH0%2FHIYIdlrwqMTi1msQ5TFCBx87RsLURTqGskw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=1800
cf-ray: 7dde061ceaaf90d6-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B0 0
20 B 166ms
163ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=474103191004&version=m202301230201&ct=77&x=1&cor=201170273664664770

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

user-sync
sync.adkernel.com/ Frame 2B08
Redirect Chain

https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D181225%26dsp%3D578434%26t%3Dimage%26uid%3D%24UID%26us_privacy%3D1YN-
https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=4356117347549946229&us_privacy=1YN-

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9057
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=4356117347549946229

35 B
250 B

992ms
160ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=4356117347549946229
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:50 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Tue, 27 Jun 2023 13:26:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a0f5670f-1433-4efe-9a82-d027a6d4c338
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=4356117347549946229
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

bsw_sync
ads.creative-serving.com/ Frame 9057
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d8faa372-ee8a-447e-9c5e-7078b0d9651d&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=

0
0

GET redirectObuid
sync.outbrain.com/ Frame 9057 0
0

GET cm
us-u.openx.net/w/1.0/ Frame 9057 0
0

GET sync
sync.srv.stackadapt.com/ Frame 9057 0
0

GET gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 9057 0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 9057 0
0

GET

usersync
usersync.gumgum.com/ Frame 9057
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DC9B07989D74D49369A97EB5DCD47DA14%26att%3D1%26pid%3D82%26cb%3Dhttps%...
https://sync.technoratimedia.com/services?srv=cs&nuid=C9B07989D74D49369A97EB5DCD47DA14&att=1&pid=82&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D&uid=ZJrjl5e8t-SsJXY...
https://usersync.gumgum.com/usersync?b=snc&i=A5967DBE4F774E858A545A1F80236F44

0
0

GET 142
match.deepintent.com/usersync/ Frame 9057 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 9057 0
0

GET server_match
ad.360yield.com/ Frame 9057 0
0

GET rtset
bh.contextweb.com/bh/ Frame 9057 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 9057 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 9057 0
358 B 166ms
158ms Image
image/avif 54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_d8faa372-ee8a-447e-9c5e-7078b0d9651d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 60B7 4 KB
2 KB 131ms
131ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Requested by

Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

9b3540f7910389a8c65647cee0949852174bc37b63b637aea18e70c515766d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.adkernel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1403
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

/ Show response
onetag-sys.com/match/ Frame 52B6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

207ms
207ms

Document
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

Redirect headers

content-length: 157
content-type: text/html; charset=utf-8
date: Tue, 27 Jun 2023 13:26:47 GMT
location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pubmatic
d5p.de17a.com/getuid/ Frame 5EE8 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 6290 0
0

GET
H2

200

/ Show response
onetag-sys.com/match/ Frame D8E9
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526369958297
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

147ms
138ms

Document
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

Redirect headers

content-length: 157
content-type: text/html; charset=utf-8
date: Tue, 27 Jun 2023 13:26:48 GMT
location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 53E3 0
0

GET p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame 9DBE 0
0

GET
H2

200

/ Show response
onetag-sys.com/match/ Frame 011D
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4356117347549946229&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

207ms
207ms

Document
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

Redirect headers

content-length: 157
content-type: text/html; charset=utf-8
date: Tue, 27 Jun 2023 13:26:48 GMT
location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET /
dsp.adfarm1.adition.com/cookie/ Frame 62B2 0
0

GET pm
match.prod.bidr.io/cookie-sync/ Frame D5E2 0
0

GET sync
sync.srv.stackadapt.com/ Frame A08B 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame EDA6 0
0

GET bridge
cm.adgrx.com/ Frame 0F1B 0
0

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0BC2 0
0

GET cm
ipac.ctnsnet.com/int/ Frame 03D7 0
0

GET /
csync.loopme.me/ Frame A9A0 0
0

GET cookiesync
core.iprom.net/ Frame 17ED 0
0

GET pubmatic
ad.mrtnsvr.com/sync/ Frame EC7E 0
0

GET i.match
a.tribalfusion.com/ Frame D33C 0
0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2387
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fdfBhe86T06ArOJ0k4GeQQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

131ms
131ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=78290
accept-ranges: bytes
content-length: 5554
expires: Wed, 28 Jun 2023 11:11:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET qmap
sync.crwdcntrl.net/ Frame 2387 0
0

GET cr
cr.frontend.weborama.fr/ Frame 2387 0
0

GET match
a.audrte.com/ Frame 2387 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 2387
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0REN0MxODUtRUYzQS00RjRFLTgwQUMtRTI3NDkzODE5RTQx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

227ms
227ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
date: Tue, 27 Jun 2023 13:26:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 2387
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB2UFPXX3-46gJnRFkP30d8&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

137ms
136ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
date: Tue, 27 Jun 2023 13:26:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET pubmatic
um.simpli.fi/ Frame 2387 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 2387
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7592428239965925715
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

205ms
205ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
date: Tue, 27 Jun 2023 13:26:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 2387
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=94f44cfe-466a-4f2d-a61d-583ddc95f0d1&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

204ms
204ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
date: Tue, 27 Jun 2023 13:26:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET

SPug
image4.pubmatic.com/AdServer/ Frame 2387
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oY_s0uxE2uVxIkq_Zhb_Pj9IfT98UjI-~A&gdpr=0

0
0

GET 7DD7C185-EF3A-4F4E-80AC-E27493819E41
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2387 0
0

GET

/
sync.bumlam.com/ Frame 2387
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=

0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame 2387 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 2387
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4159664726115913102&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

0
291 B

205ms
205ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41
date: Tue, 27 Jun 2023 13:26:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2387 0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame 2387 0
0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame F555
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=

35 B
250 B

798ms
163ms

Document
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 27 Jun 2023 13:26:50 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 27 Jun 2023 13:26:49 GMT
Expires: Tue, 27 Jun 2023 13:26:48 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
location: https://usersync.gumgum.com/usersync?b=mmh&i=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=0&gdpr_consent=

GET user-sync
sync.adkernel.com/ Frame CC33 0
0

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 0410 0
0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame FEC9 170 B
188 B 147ms
143ms Document
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kOGZhYTM3Mi1lZThhLTQ0N2UtOWM1ZS03MDc4YjBkOTY1MWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:26:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 19D4 16 KB
6 KB 135ms
132ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78290
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 27 Jun 2023 13:26:49 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 875B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=94f44cfe-466a-4f2d-a61d-583ddc95f0d1

35 B
250 B

730ms
162ms

Document
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=94f44cfe-466a-4f2d-a61d-583ddc95f0d1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 27 Jun 2023 13:26:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Tue, 27 Jun 2023 13:26:49 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=94f44cfe-466a-4f2d-a61d-583ddc95f0d1
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET idsync
tg.socdm.com/aux/ Frame 55CD 0
0

GET gumgum
cs.admanmedia.com/sync/ Frame 48C3 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame C0DE 0
341 B 161ms
160ms Image
image/avif 54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=348&uid=ZEx_9p1tCp_mm
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame E8CF 43 B
632 B 261ms
130ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 27 Jun 2023 13:26:49 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET

usersync
usersync.gumgum.com/ Frame 9814
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=Dl9WE0I4S10AYjKfoY1k&pi=gumgum&tc=1

0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5F90
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

136ms
125ms

Document
text/html

104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Jun 2023 13:26:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Jun 2023 13:26:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2

200

sync
ads.servenobid.com/ Frame DF7D
Redirect Chain

https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99
https://ads.servenobid.com/sync?pid=362&uid=A5967DBE4F774E858A545A1F80236F44

0
355 B

163ms
162ms

Image
image/avif

54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=362&uid=A5967DBE4F774E858A545A1F80236F44
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ad-cdn.technoratimedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

date: Tue, 27 Jun 2023 13:26:49 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 645640552
location: https://ads.servenobid.com/sync?pid=362&uid=A5967DBE4F774E858A545A1F80236F44
access-control-allow-origin: https://ad-cdn.technoratimedia.com/
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 894E 34 KB
10 KB 392ms
138ms Script
text/html 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbb7002392343b953914d18e2a7d8af24b5bf3da6bdaeffad52b10633ac1592f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 13:26:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jun 2023 07:33:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65201
Connection: keep-alive
Content-Length: 10112
Expires: Wed, 28 Jun 2023 07:33:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60B7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDru8Nq6HcGqckEVKFmdPDpq0r0b_Eg

170 B
188 B

152ms
143ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDru8Nq6HcGqckEVKFmdPDpq0r0b_Eg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiP0JDru8Nq6HcGqckEVKFmdPDpq0r0b_Eg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 60B7
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SSHoADrOK1LJuf9uXmrvbNWV8eK2faF2H_taYIjO3cQ

43 B
479 B

431ms
229ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SSHoADrOK1LJuf9uXmrvbNWV8eK2faF2H_taYIjO3cQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SXB7C3KJ7VC2WD1EDXMG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SSHoADrOK1LJuf9uXmrvbNWV8eK2faF2H_taYIjO3cQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
x.bidswitch.net/ Frame 60B7 43 B
145 B 140ms
137ms Image
image/gif 35.158.13.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.13.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-13-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 60B7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=

0
291 B

162ms
162ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 27 Jun 2023 13:26:49 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=f627649a-e399-4b00-91cf-703989edc5b9&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 27 Jun 2023 13:26:48 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 60B7 0
239 B 133ms
130ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 60B7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229

0
291 B

133ms
132ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 27 Jun 2023 13:26:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5d7dfb2d-d11b-4864-926d-2724b09f6ef4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4356117347549946229
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 60B7 42 B
679 B 236ms
148ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=agXMVfUcGIIepHrZTMm1n1PPjj3v3qqltH5CSg_il74
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ Frame 60B7 0
44 B 142ms
139ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
content-length: 0

GET
H3 400 711916.gif
id.rlcdn.com/ Frame 60B7 0
0 143ms
140ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 60B7 0
39 B 145ms
142ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:48 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 60B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

0
291 B

132ms
132ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEP4NW70FvDEaqZ0axhLQ6kQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 60B7 0
15 B 140ms
138ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 60B7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=

0
291 B

136ms
136ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 27 Jun 2023 13:26:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=528cf246-8d95-42b9-9253-94afb96d9c90&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET user-sync
sync.adkernel.com/ Frame 60B7 0
0

GET
H3 200 fanta.png
cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/images/ Frame 0749 31 KB
32 KB 141ms
141ms Image
image/png 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/images/fanta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5006dcd8e4a400d2ee95738a364e4d1ecd349913c7ec3d0a3da34160e347c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/9815b9e507451a61fdb73af93612e34c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177571
alt-svc: h3=":443"; ma=86400
content-length: 32053
last-modified: Mon, 22 May 2023 15:27:34 GMT
server: cloudflare
etag: "646b89e6-7d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EY9ls%2FbI%2FfNpJekxi4v69eiW3V%2FpAW0uq2NgpC9mIM8MrzJtFCRXk%2BTe8ahPjMftxzOEQ3Jyi8GXo%2BeH8sugIoi6fb9SvCszV99KVy8vZKZ5s5Um4FODxLZY3PJsDTEIDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7dde061e0bac90d6-FRA

GET
H2 200 sync
ads.servenobid.com/ Frame F12F 0
340 B 161ms
156ms Image
image/avif 54.77.135.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=352&uid=Z5EVrp1aCp_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.135.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-135-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H3 200 fanta.png
cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/images/ Frame 4259 31 KB
32 KB 265ms
264ms Image
image/png 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/images/fanta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5006dcd8e4a400d2ee95738a364e4d1ecd349913c7ec3d0a3da34160e347c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177215
alt-svc: h3=":443"; ma=86400
content-length: 32053
last-modified: Mon, 22 May 2023 15:53:46 GMT
server: cloudflare
etag: "646b900a-7d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFXdtbYUE5xZU9UmcwD3eLXqm%2FmLea97B2LWIevV%2FRHktYFynSW%2Bt3yfuY762vZzs2QEYwyB2OWBINxcwdz3X1U3YiNWtjOuu4eCvMYcbePbkeiPBBcTfajVNJurCCSfHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7dde061e8c1590d6-FRA

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 53ED 34 KB
10 KB 398ms
134ms Script
text/html 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbb7002392343b953914d18e2a7d8af24b5bf3da6bdaeffad52b10633ac1592f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 13:26:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jun 2023 07:33:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65201
Connection: keep-alive
Content-Length: 10112
Expires: Wed, 28 Jun 2023 07:33:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5F90 34 KB
10 KB 402ms
136ms Script
text/html 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbb7002392343b953914d18e2a7d8af24b5bf3da6bdaeffad52b10633ac1592f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 13:26:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jun 2023 07:33:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65201
Connection: keep-alive
Content-Length: 10112
Expires: Wed, 28 Jun 2023 07:33:30 GMT

GET
H3 200 logo.png
cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/images/ Frame DA7B 7 KB
7 KB 315ms
314ms Image
image/png 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe25f7b5a9f7ac14647d6493870e57a3a6b94e9416cb58b9922ae60d763487e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177138
alt-svc: h3=":443"; ma=86400
content-length: 6668
last-modified: Fri, 02 Jun 2023 14:41:28 GMT
server: cloudflare
etag: "6479ff98-1a0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzgbC4fN3PsLB5%2BE41bdMN2ysz39YxrsNCQyR3ZZcieIONqzoLfmz5EdUCyYB3YN3szcU2djjGRZeIjfwXAXC1ciwPSizlT9WM9VK5BCmFkcBgOafOFhTCNkkKpDyZpNyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7dde061fed5290d6-FRA

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 138E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

281 B
554 B

133ms
133ms

Document
text/html

104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: u.4dex.io
URL: https://u.4dex.io/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://u.4dex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Jun 2023 13:26:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Jun 2023 13:26:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H2

200

cksync.php
contextual.media.net/ Frame 894E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LJEBNELO-27-CVXB
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJEBNELO-27-CVXB

61 B
459 B

170ms
170ms

Image
image/gif

88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJEBNELO-27-CVXB

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 13:26:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 27 Jun 2023 13:26:49 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://contextual.media.net/cksync.php?type=rbcn&ovsid=LJEBNELO-27-CVXB
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E2EA 0
862 B 131ms
130ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 13:26:49 GMT
AN-X-Request-Uuid: eaafbe57-3ced-4bec-9c81-765034ed5ac4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 53ED 0
0

GET
H3 200 sar%C4%B1fanta.png
cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/images/ Frame 4259 32 KB
32 KB 139ms
139ms Image
image/png 104.21.234.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/images/sar%C4%B1fanta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44ddbd35c7de4c7f96ceace2c81e6c4ed40047730b0ff4111b2633d11ed2e21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/14/a2c598ccebe9bcb90af487af662400a9/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:26:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177214
alt-svc: h3=":443"; ma=86400
content-length: 32506
last-modified: Mon, 22 May 2023 15:53:46 GMT
server: cloudflare
etag: "646b900a-7efa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9veJ%2BYavYLZxe0j5issEh%2BovvNsQdRrLyPrlZDlvE%2FtqsZk8pWw%2BlYs2GfAWUbWHTU%2BKhG4FVWX8Dky7%2F4j%2B7Pgr4EjnpCa%2F5dqLPDJjdnhryRe0dLPlNT72UXbrbAx%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7dde0621ef2590d6-FRA

GET

usersync
usersync.gumgum.com/ Frame 5F90
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LJEBNELO-27-CVXB
https://usersync.gumgum.com/usersync?b=mag&i=LJEBNELO-27-CVXB

0
0

GET usync.js
eus.rubiconproject.com/ Frame 138E 0
0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 7B7C 0
0

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 396E 0
0 423ms
422ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Requested by: Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78289
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 27 Jun 2023 13:26:50 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET cm
us-u.openx.net/w/1.0/ Frame BFA5 0
0

GET ps
pixel.33across.com/ Frame 95BE 0
0

GET
H2 200 /
onetag-sys.com/usync/ Frame 9294 0
0 412ms
411ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=572a470226457b8

Requested by

Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1160
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET sync
eb2.3lift.com/ Frame 21CE 0
0

GET

services
uat-net.technoratimedia.com/ Frame DF7D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=528cf246-8d95-42b9-9253-94afb96d9c90

0
0

GET

services
sync.technoratimedia.com/ Frame DF7D
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D46%26uid%3D%24UID
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4356117347549946229

0
0

GET

services
sync.technoratimedia.com/ Frame DF7D
Redirect Chain

https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=aUFGC619fYxEW99Wjza_fDqXWJNaeiA9

0
0

GET syn
match.prod.bidr.io/cookie-sync/ Frame DF7D 0
0

GET

528cf246-8d95-42b9-9253-94afb96d9c90
sync.1rx.io/usersync/tradedesk/ Frame DF7D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=synacor&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=338071832
https://sync.1rx.io/usersync/tradedesk/528cf246-8d95-42b9-9253-94afb96d9c90

0
0

GET server_match
ad.360yield.com/ Frame DF7D 0
0

GET

services
uat-net.technoratimedia.com/ Frame DF7D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-Q_a_uoRE2uE_Yo09RZAKJzGayGiyOfEi~A

0
0

GET

services
sync.technoratimedia.com/ Frame DF7D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZJrjl5e8t-SsJXY47duqUQAA%265157

0
0

GET idSync
sync.aralego.com/ Frame DF7D 0
0

GET sync
x.bidswitch.net/ Frame DF7D 0
0

GET current
synacor-match.dotomi.com/match/bounce/ Frame DF7D 0
0

GET cksync.php
contextual.media.net/ Frame DF7D 0
0

GET rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame DF7D 0
0

GET occ
ups.analytics.yahoo.com/ups/58675/ Frame 9861 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Domain: cm.adform.net
URL: https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F466%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D85da6e1b-beab-4a1a-ba61-00aac8b3eee4%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID

Domain: us.shb-sync.com
URL: https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-b90f842e-3758-30d0-aef7-3e5a8ebee960&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iOTBmODQyZS0zNzU4LTMwZDAtYWVmNy0zZTVhOGViZWU5NjAQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iOTBmODQyZS0zNzU4LTMwZDAtYWVmNy0zZTVhOGViZWU5NjAyAh8GOAE=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=

Domain: hbx.media.net
URL: https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dopx%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3D

Domain: cs.media.net
URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEK-GXC19E5afP_emSIwV4cs&google_cver=1

Domain: pm.w55c.net
URL: https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Ddxu%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3D_wfivefivec_

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40

Domain: ads.avct.cloud
URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3308740084267757000V10%26type%3Dzem%26refUrl%3D%26vid%3D78724086423308740084267757000V10%26ovsid%3D__ZUID__

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3308740084267757000V10

Domain: cs.media.net
URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=92c21ac3-d254-493b-ac90-5e485f33b461

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=&us_privacy=

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=25470

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2249&pt=n

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=36584

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Domain: c21lg-d.media.net
URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=cV83Lh_z9FZ6Px3-UHu2UrDdTuFR1rQC&cs=15&vsid=3308740084267757000V10

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=528cf246-8d95-42b9-9253-94afb96d9c90&expiration=1690464409&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/casale/ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/ie

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2020966254788010785&expiration=1689082009

Domain: dsum.casalemedia.com
URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4356117347549946229

Domain: dmp.brand-display.com
URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181225&dsp=578434&t=image&uid=4356117347549946229&us_privacy=1YN-

Domain: ads.creative-serving.com
URL: https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=snc&i=A5967DBE4F774E858A545A1F80236F44

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d8faa372-ee8a-447e-9c5e-7078b0d9651d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: ad.360yield.com
URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7DD7C185-EF3A-4F4E-80AC-E27493819E41&redir=true&gdpr=0&gdpr_consent=

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: ipac.ctnsnet.com
URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: ad.mrtnsvr.com
URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7DD7C185-EF3A-4F4E-80AC-E27493819E41&gdpr=0&gdpr_consent=

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7DD7C185-EF3A-4F4E-80AC-E27493819E41

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oY_s0uxE2uVxIkq_Zhb_Pj9IfT98UjI-~A&gdpr=0

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/7DD7C185-EF3A-4F4E-80AC-E27493819E41?gdpr=0&gdpr_consent=

Domain: sync.bumlam.com
URL: https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=8ec96f0f-8410-4b43-97f8-d3890c6a89d3&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7DD7C185-EF3A-4F4E-80AC-E27493819E41&gdpr=0&gdpr_consent=

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/gumgum?puid=e_d8faa372-ee8a-447e-9c5e-7078b0d9651d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=rth&i=Dl9WE0I4S10AYjKfoY1k&pi=gumgum&tc=1

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=175005&r=agXMVfUcGIIepHrZTMm1n1PPjj3v3qqltH5CSg_il74

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LJEBNELO-27-CVXB

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=mag&i=LJEBNELO-27-CVXB

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D

Domain: pixel.33across.com
URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID

Domain: uat-net.technoratimedia.com
URL: https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=528cf246-8d95-42b9-9253-94afb96d9c90

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4356117347549946229

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=aUFGC619fYxEW99Wjza_fDqXWJNaeiA9

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/syn

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync/tradedesk/528cf246-8d95-42b9-9253-94afb96d9c90

Domain: ad.360yield.com
URL: https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D

Domain: uat-net.technoratimedia.com
URL: https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-Q_a_uoRE2uE_Yo09RZAKJzGayGiyOfEi~A

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZJrjl5e8t-SsJXY47duqUQAA%265157

Domain: sync.aralego.com
URL: https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=A5967DBE4F774E858A545A1F80236F44&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D37%26uid%3DUCFUID

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=synacor&user_id=A5967DBE4F774E858A545A1F80236F44

Domain: synacor-match.dotomi.com
URL: https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=A5967DBE4F774E858A545A1F80236F44&rurl=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D49%26uid%3D

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=A5967DBE4F774E858A545A1F80236F44&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D

Domain: sync.taboola.com
URL: https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=A5967DBE4F774E858A545A1F80236F44

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastelink.net/	1970-01-20 13:41:12	Name: PHPSESSID Value: je8622eud9ffk2vk40sgopi5pr
.pastelink.net/	1970-01-20 15:00:48	Name: _gcl_au Value: 1.1.839836986.1687872403
.pastelink.net/	1970-01-20 22:27:12	Name: _ga Value: GA1.2.859327903.1687872403
.pastelink.net/	1970-01-20 12:52:38	Name: _gid Value: GA1.2.1152261091.1687872404
.pastelink.net/	1970-01-20 12:51:12	Name: _gat_UA-55088947-2 Value: 1
.rubiconproject.com/	1970-01-20 21:36:48	Name: khaos Value: LJEBNELO-27-CVXB
.omnitagjs.com/	1970-01-20 13:34:24	Name: ayl_visitor Value: a78528f8db1171cc911d7dcaef7a2e07
.pastelink.net/	1970-01-20 22:12:48	Name: __gads Value: ID=79bbd290e6c38b99:T=1687872405:RT=1687872405:S=ALNI_Ma9SfgXdTqDWjlZHe4G4Av1CDCq1A
.pastelink.net/	1970-01-20 22:12:48	Name: __gpi Value: UID=00000c5e70ecca42:T=1687872405:RT=1687872405:S=ALNI_MZOnsQ3IhRK3ZZ_FHqCLXdX1M2EKQ
.pastelink.net/	1970-01-20 22:27:12	Name: _ga_S3DKHVPF03 Value: GS1.1.1687872403.1.0.1687872406.0.0.0
.doubleclick.net/	1970-01-20 22:27:12	Name: IDE Value: AHWqTUm_UN21jeCBXw6-1V3n3Sjuh1nkTm-0AIDKwpTKExvIePJVezq-eufeS3LC
.doubleclick.net/	1970-01-20 12:51:16	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 15:00:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUks.tXx!@wnfH8K6pQK`!5=E<L5?%M#3Moxu4^JhK7N>O`a48$5lXVnzAruk4]fEbpRzqF1`b_V'*4VAI
.adnxs.com/	1970-01-20 15:00:48	Name: uuid2 Value: 4356117347549946229
.casalemedia.com/	1970-01-20 15:00:48	Name: CMPS Value: 3230
.casalemedia.com/	1970-01-20 15:00:48	Name: CMPRO Value: 5157
.casalemedia.com/	1970-01-20 21:36:48	Name: CMID Value: ZJrjl5e8t-SsJXY47duqUQAA
.criteo.com/	1970-01-20 22:12:48	Name: uid Value: ed8bbcfc-a860-4278-80ad-715bcd91349d
.pastelink.net/	1970-01-20 22:12:48	Name: cto_bundle Value: 9Z_bKl91Y3o5QnZNUjcyVHVhUiUyRmNvQ3M2cHFKQmwzMDNvJTJCYmlEaEJrcUNkNFphRjd4SHM4WDBkWTQ4bllrT005d2FIeWs5bElLMXhyd2Fjd3JXYnNUYkRINnhqYkR0OVBsak9XcDRyREtWTHNabiUyQkhxOWklMkY1cyUyQkpMQWxBeERSa3BQRGtuaENNdmVkNUJybFhPQmtnOWk5djlBJTNEJTNE
.4dex.io/	1970-01-20 14:17:36	Name: uids Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNi0yN1QxMzoyNjo0OC40NzM1MTMzOTdaIiwicHVibWF0aWMiOiIyMDIzLTA2LTI3VDEzOjI2OjQ4LjQ3MzQ5OTEyMloiLCJydWJpY29uIjoiMjAyMy0wNi0yN1QxMzoyNjo0OC40NzM1MDU3MTlaIiwieWFob28iOiIyMDIzLTA2LTI3VDEzOjI2OjQ4LjQ3MzUxMDg0NVoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiMTgyYmJjYmUtYTFkZC00MzA5LTlhOTAtNGZkNjNlZjlhZDRjIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjZUMTM6MjY6NDQuNTg3ODU1NDA4WiJ9fSwiYmRheSI6IjIwMjMtMDYtMjdUMTM6MjY6NDQuNTg3NzY1NjczWiJ9
.ads.pubmatic.com/	1970-01-20 12:52:38	Name: KCCH Value: YES
.media.net/	1970-01-20 21:36:48	Name: visitor-id Value: 3308740084267757000V10
.mathtag.com/	1970-01-20 22:17:07	Name: uuid Value: f627649a-e399-4b00-91cf-703989edc5b9
.yahoo.com/	1970-01-20 21:37:10	Name: A3 Value: d=AQABBJjjmmQCEMW0HQyscw3rsoRsq1Opkr0FEgEBAQE1nGSkZEfWPzIB_eMAAA&S=AQAAAhwsO14Y9hoPNgmbQL2UDjk
.bidswitch.net/	1970-01-20 21:36:48	Name: c Value: 1687872408
.bidswitch.net/	1970-01-20 21:36:48	Name: tuuid_lu Value: 1687872408
.servenobid.com/	1970-01-20 13:01:17	Name: pid_318 Value: z1jzyHAfh78g3H5gOmi-17Yeao8xbiwAca1pX5VdmZw
.servenobid.com/	1970-01-20 13:01:17	Name: pid_312 Value: 4356117347549946229
.bidswitch.net/	1970-01-20 21:36:48	Name: tuuid Value: 8ec96f0f-8410-4b43-97f8-d3890c6a89d3
.pubmatic.com/	1970-01-20 12:51:12	Name: ipc Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%23PMUID^1^0
.pubmatic.com/	1970-01-20 15:00:48	Name: chkChromeAb67Sec Value: 1
.adkernel.com/	1969-12-31 23:59:59	Name: SSPZ Value: 181225
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_40 Value: 578434
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_63 Value: 546302
.adkernel.com/	1970-01-20 13:34:24	Name: ADKUID Value: A2362298016160130061
.pubmatic.com/	1970-01-20 21:36:48	Name: KADUSERCOOKIE Value: 7DD7C185-EF3A-4F4E-80AC-E27493819E41
.pubmatic.com/	1970-01-20 12:52:38	Name: pi Value: 161102:2
.pubmatic.com/	1970-01-20 15:00:48	Name: DPSync3 Value: 1689033600%3A235_201_245_241
.pubmatic.com/	1970-01-20 15:00:48	Name: SyncRTB3 Value: 1689120000%3A35%7C1690416000%3A203%7C1688688000%3A63%7C1689033600%3A7_233_81_238_214_249_220_161_8_176_55_13_251_71_166_165_234_21_54_254_3_22_46_56%7C1688428800%3A223_2_15
.servenobid.com/	1970-01-20 13:01:17	Name: pid_339 Value: y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A
.servenobid.com/	1970-01-20 13:01:17	Name: pid_337 Value: y-jwU6s9VE2uE4es21PB2J8oSa.qHtR8iqEfiaj7Q-~A
.gumgum.com/	1970-01-20 21:36:48	Name: vst Value: e_d8faa372-ee8a-447e-9c5e-7078b0d9651d
.prebid.a-mo.net/	1970-01-20 12:52:38	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-20 21:36:48	Name: amuid2 Value: 85da6e1b-beab-4a1a-ba61-00aac8b3eee4
.prebid.a-mo.net/	1970-01-20 21:36:48	Name: sd_amuid2 Value: 85da6e1b-beab-4a1a-ba61-00aac8b3eee4
.minutemedia-prebid.com/	1970-01-20 13:34:24	Name: wrvUserID Value: ZEx_9p1tCp_mm
.smartadserver.com/	1970-01-20 22:21:26	Name: pid Value: 5814993726178313858
.lijit.com/	1970-01-20 21:36:48	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-20 13:01:17	Name: pid_333 Value: ZJrjl5e8t_SsJXY47duqUQAAFCUAAAAB
.lijit.com/	1970-01-20 21:36:48	Name: ljt_reader Value: G4tGpLZHlqwSirHqSCGMnSh2
.1rx.io/	1970-01-20 21:36:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-73782c36-bb25-4071-80c5-3b7f5ea943cd-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.analytics.yahoo.com/	1970-01-20 21:36:48	Name: IDSYNC Value: "196n~2cgd:18z8~2cgd"
.yellowblue.io/	1970-01-20 13:34:24	Name: wrvUserID Value: Z5EVrp1aCp_s
.disqus.com/	1970-01-20 21:36:48	Name: zeta-ssp-user-id Value: ua-b90f842e-3758-30d0-aef7-3e5a8ebee960
.servenobid.com/	1970-01-20 13:01:17	Name: pid_309 Value: e_d8faa372-ee8a-447e-9c5e-7078b0d9651d
.rfihub.com/	1970-01-20 22:12:48	Name: eud Value: H4sIAAAAAAAA_zslzmtoZmFuYW5kYmBpZGgKAIOqmhoQAAAA
.rfihub.com/	1970-01-20 22:12:48	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrUwNbawMDczNxXiM9StCqgwsfTLckv3r8wGAPs5eLQlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrUwNbawMDczNxXiM9StCqgwsfTLckv3r8wGAPs5eLQlAAAA
.servenobid.com/	1970-01-20 13:01:17	Name: pid_348 Value: ZEx_9p1tCp_mm
.rubiconproject.com/	1970-01-20 21:36:48	Name: audit Value: 1\|naVuGyos1qqaeSfhxofVMe1ArEyWu9IOutcs1+UHtICnafhJoNeB5YCywZhaqLKPDcJZWBbPH93MboWaW1ii7VcR1aWtdTEq
.onetag-sys.com/	1970-01-20 22:20:59	Name: OTP Value: SSHoADrOK1LJuf9uXmrvbNWV8eK2faF2H_taYIjO3cQ
.servenobid.com/	1970-01-20 13:01:17	Name: pid_310 Value: G4tGpLZHlqwSirHqSCGMnSh2
.adsrvr.org/	1970-01-20 21:38:14	Name: TDID Value: 528cf246-8d95-42b9-9253-94afb96d9c90
.adsrvr.org/	1970-01-20 21:38:14	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCJTegJuGx_s7EAUYASABKAIyCwjqnYrKnMf7OxAFOAFaB3Z3Nml5cm5gAg..

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50 Message: Mixed Content: The page at 'https://onetag-sys.com/usync/?pubId=5adb88524e24e50' was loaded over HTTPS, but requested an insecure element 'http://sync.adkernel.com/user-sync?zone=175005&r=agXMVfUcGIIepHrZTMm1n1PPjj3v3qqltH5CSg_il74'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cdn.adviad.com/storage/2023/06/14/55fad4ed30a6afb51bc1e9fe2912f14d/images/golge.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btloader.com
c1.adform.net
c1fa516404016c1096d8a36ce95e5ce4.safeframe.googlesyndication.com
c21lg-d.media.net
cdn.adviad.com
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsp.adviad.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubmatic-match.dotomi.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
srv.buysellads.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
synacor-match.dotomi.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.4dex.io
uat-net.technoratimedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.shb-sync.com
usersync.gumgum.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ads.avct.cloud
ads.creative-serving.com
b1sync.zemanta.com
bh.contextweb.com
c21lg-d.media.net
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
cs.admanmedia.com
cs.media.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
hbx.media.net
image4.pubmatic.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.deepintent.com
match.prod.bidr.io
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb.mfadsrvr.com
secure-assets.rubiconproject.com
ssbsync.smartadserver.com
synacor-match.dotomi.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.bumlam.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
uat-net.technoratimedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.shb-sync.com
usersync.gumgum.com
x.bidswitch.net
104.17.24.14
104.18.2.114
104.21.234.9
104.26.2.70
104.26.6.139
104.26.9.169
104.64.126.246
104.79.25.60
108.128.170.101
13.32.99.30
130.211.23.194
142.250.184.226
142.250.184.228
142.250.185.130
142.250.185.142
142.250.185.194
142.250.185.234
142.250.185.98
142.250.186.102
142.250.186.130
142.250.186.131
142.250.186.161
142.250.186.166
142.250.186.66
142.250.186.72
151.139.128.10
152.199.22.191
159.65.16.11
172.217.16.195
178.250.1.11
178.250.7.10
178.250.7.2
185.255.84.151
185.29.132.241
185.64.189.112
185.64.190.78
185.64.190.79
185.64.191.210
185.80.39.216
185.86.138.16
185.86.139.104
193.0.160.130
193.122.128.135
198.47.127.205
213.19.162.51
216.52.2.48
216.52.2.91
216.58.212.161
23.32.184.192
23.35.236.188
3.227.148.228
3.33.220.150
3.75.62.37
3.76.139.6
34.120.63.153
34.149.40.38
35.158.13.41
35.244.174.68
37.157.5.133
37.252.171.52
37.252.171.85
46.228.164.11
46.228.174.117
51.89.9.252
52.210.15.1
52.46.130.91
54.77.135.147
69.166.1.10
69.173.144.138
69.173.144.139
77.245.57.72
88.208.215.108
88.221.168.23
99.84.88.77
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
04b1681b58892c332c161e963ba3e166abab1d3daa69657545f88f6b9c871292
058fe3e5c204a4f44a1d45b1a71d7eaa4e69df6ff7e3d55924e80797f5e0f6aa
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
090e11ea99bff93893541caf0f41a67ca563f5baf8a04f3387f1e9c46fc72f66
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1031af62f6a37f1e34ae280d28f701a6992fd0e6a5adeba16a347290efb6c8c4
1212e410d8a426f4123309be201238e337454cb511337df12ac92ea571cf9c9e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734
1616ad42ece97bcf7f86731b4a95e245c747f8fb6a11deb643204234e04a634d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
19d7bb29f100cf81601e827d2c47694eb4374461c541231a39567f000acc3781
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e5006dcd8e4a400d2ee95738a364e4d1ecd349913c7ec3d0a3da34160e347c3
1fb7230ee1cb4c4a7c4ba1f7224f971d1141dd39672b690b509987c90c062dc0
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
27db52eefe4861342113ffa1ee024f98a65d44ff81f708cb45af7bf0c8b93272
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2b6605a6a002c95b9e6826815e67d3a3b0c1fe932848c0591d48a4e2da4a0725
2c4e52c8ca393553e75b1354f1687d475209affa9bac281c6a58c718584f9523
2d51dd4e94edbb36acec7092a348e471f727e864901a7601e2fd069bde0dbeff
2f684369b97937555ac09393e6f56dab34bf038ef01a6ba52e1b3637d1880f29
3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
393492ec1c1a44ba42c2644f06b02c6cde5230358ffae108ab1f6158d012c61c
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44ddbd35c7de4c7f96ceace2c81e6c4ed40047730b0ff4111b2633d11ed2e21c
45b5465229b3d2f0348a4cfcd69e52df10b6059122d41cff6f9854a30bf111cf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
499d46a2267264a5d2465f9a2ff9dc95139a92a78a4bdb8439d06b2a51704937
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
51cf16e8528b144b1cc5e7bbea4e42d78933025647fb7e9cfae3b1ea25e843cf
51e1440ca53257dd63169bcd1db93836d6f823d62d9e8827c21c41f06f0010ff
51fcc99288e1eeabf231df27570ad341a98cc992a1128e1dcca7cf9cd6cec8ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
5c543b5c3d49302195af1da78755559c58b29821df1ad4160f0f2a8afa0b6e82
5fe76da12fade3fed2b62fcf2cebf8b09bc21382255533f6520b15b283e605f8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63715e8ffb3d4efab913b95b9369dc96445bde93529cdc97909bdf57a8134300
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f
6a0ed6115b95bf90987e31232fe3d71f09b104928a606f1ee9f5ba9da4b8472a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7068ca07c5102854ac55b70080fc7a706969a21b455f59453849f988f1f59aff
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
75c01acf79f0b63144af7ac0b5c30f1c80d2fcf8989b0e112884c9a7e92c1fc3
79bd6c869b86655aacc73be373ccd1ef979b9fa3039c05698097d0fc75595ce1
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ee3cc6bf4bb255f615c7a864a8f2934bcf9cf9f4cb7270b78354a3e92b1512d
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
876935edb3629294643f6cbdfe4fa357d09b26b91fe9b4087466c74edceb0950
89db9e2aa2b88d6f8f71bf3944d2760c3fd165041484a733ac3a9fa09b43866b
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8b8a42aa19b2491968f6db683964394a1d929215c302df25779d1a4d67bfd621
8ced749e6ec290955032e192d47b50488d50aec6a29a3e748047b9e3ae6e2ced
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
959b323d6d404b16646fff656d108c0ef6079419e6a5536ff04f24b69a706d67
971bf4a61f991f414b6aa441c3b24bec9f68389e9dc2f9591e751338c78cddd3
9b3540f7910389a8c65647cee0949852174bc37b63b637aea18e70c515766d10
9d9b6b4cab6ad3b4b3fddd7e3e147cb6aea4e2a4e4b8a73e1991da09ccb31fc8
9dc75dde4cfecf86ffbf5e44a6101016f3ebc44e3bd70afbef7b5c26b55b0651
9e9361bb18dfffacc0900be3b2ffef287c8f4845fd38cbded420dace069160df
9efac485053ded5f55538372472bd270708b716eae0e081307958263bf5f744f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f2882338583beb4ce78746bf3c3cf84711928f0027d9500ecec9e42e116e60
b67221fd133d8069d9aac0e41f3ee6a45576109dbfbc8678b0dbcc0fcb3aae62
bbb7002392343b953914d18e2a7d8af24b5bf3da6bdaeffad52b10633ac1592f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bedb3012c55e26bd2f8043f08513167674e9b1e57d3be22211ac995e86d11f03
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c5b4b7abe21f7d0501ae899eae7df6c67978408bb90e027b26f9cf7012f11ab6
c74a518e3b4b49079aa57156901d809ab3d927bef879800d1afb42b559487ffc
c9dc7959319d21a7ceed9b5853f0b6a1000cd42e187c365df7d5481e84d78636
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
ce1543fc2e76948f2f7f64e1f02bf6c019954651e3830b931296135c07428b06
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe25f7b5a9f7ac14647d6493870e57a3a6b94e9416cb58b9922ae60d763487e
d3cc545b13c620185641a001032efb70ac22e30d99c0ae8b534ac1bf2cf0569d
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d7fd0c74e433ba44c32ff15446692279ffdc71cbe9735f03cdd687f488d0e303
d8485cd5670997b69a028f15909601814cc1b90f133cd803171c390826004eea
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd70e06e5b9004d03dde1c0f091a02744f6bf6578d96c3cd6377f0ecac09c2b1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b19f098fce70f8b9d66e94a1ba031e2bbb1b0fee039f1ce5dddbb31924f2d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e683095252374f2db2b803b901579f878b65bb117e64f99691af870d7dffb611
e716df33e8d6ae5e63d6bb96edea224fa848ca56002d2d7f58b0803881f16164
e7184d3369dc6ac040ffc003941338577d3ef7946e1e9d6b1a57ca0d3cd9b94a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f179d3e7e5763a7537daadee8ed39777c42c139bee72992477c7544994f2da04
f4f213bb4122740c4523663e6cdcb4dab2169915f80293cedca72e0551cd249a
f786dcd0ec980e65f1b5ddbc0870f7264e280e64a08258ad99a3f5a330d2b110
fe3c59bc6fa22de9f0b1461b7b121a849849e9b764fec5afe2b14420effd735c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pastelink.net Open in urlscan Pro 88.208.215.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

366 Requests

60 %HTTPS

0 %IPv6

87 Domains

131 Subdomains

61 IPs

10 Countries

2837 kBTransfer

6521 kBSize

64 Cookies

15 Outgoing links

Redirected requests

366 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Screenshot
Live screenshot

Full Image

366
Requests

60 %
HTTPS

0 %
IPv6

87
Domains

131
Subdomains

61
IPs

10
Countries

2837 kB
Transfer

6521 kB
Size

64
Cookies

366 HTTP transactions
4 data transactions