urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wa...
Submission: On October 03 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 101 IPs in 12 countries across 110 domains to perform 549 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 142.250.185.161 15169 (GOOGLE)
13 142.250.74.194 15169 (GOOGLE)
2 142.250.186.40 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
43 151.101.65.44 54113 (FASTLY)
1 2 192.96.203.13 30633 (LEASEWEB-...)
3 104.26.4.103 13335 (CLOUDFLAR...)
2 151.101.130.137 54113 (FASTLY)
3 216.239.34.36 15169 (GOOGLE)
2 178.250.1.11 44788 (ASN-CRITE...)
4 216.58.206.33 15169 (GOOGLE)
3 3.233.155.192 14618 (AMAZON-AES)
7 23.97.225.52 8075 (MICROSOFT...)
16 185.106.33.48 200478 (TABOOLA-AS)
22 190.2.151.10 49981 (WORLDSTREAM)
13 22 216.58.206.34 15169 (GOOGLE)
1 104.16.89.20 13335 (CLOUDFLAR...)
2 4 147.75.84.158 54825 (PACKET)
1 3.124.160.8 16509 (AMAZON-02)
9 25 104.18.27.193 13335 (CLOUDFLAR...)
1 3.66.141.122 16509 (AMAZON-02)
13 34.250.19.175 16509 (AMAZON-02)
7 10 37.252.171.85 29990 (ASN-APPNEX)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 69.173.144.137 26667 (RUBICONPR...)
10 104.22.69.131 13335 (CLOUDFLAR...)
1 178.250.7.10 44788 (ASN-CRITE...)
1 185.255.84.150 200271 (IGUANE-)
3 35.186.253.211 15169 (GOOGLE)
1 104.79.89.16 16625 (AKAMAI-AS)
4 22 51.89.9.253 16276 (OVH)
1 3 91.228.74.200 16509 (AMAZON-02)
1 142.250.186.170 15169 (GOOGLE)
1 162.210.196.208 30633 (LEASEWEB-...)
3 142.250.185.74 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
11 15 3.120.69.56 16509 (AMAZON-02)
1 185.180.220.208 49981 (WORLDSTREAM)
8 141.226.228.48 200478 (TABOOLA-AS)
4 185.29.132.245 30419 (MEDIAMATH...)
3 15 69.173.144.165 26667 (RUBICONPR...)
3 3 193.108.153.21 20940 (AKAMAI-ASN1)
1 3 185.86.138.154 201081 (SMARTADSE...)
5 35.244.174.68 15169 (GOOGLE)
2 7 52.46.130.91 16509 (AMAZON-02)
7 9 198.47.127.18 3257 (GTT-BACKB...)
2 2 185.64.191.210 62713 (AS-PUBMATIC)
4 6 3.75.62.37 16509 (AMAZON-02)
14 3.33.220.150 16509 (AMAZON-02)
3 3 193.0.160.131 54312 (ROCKETFUEL)
1 2 190.2.150.148 49981 (WORLDSTREAM)
2 178.250.7.2 44788 (ASN-CRITE...)
1 141.226.224.32 200478 (TABOOLA-AS)
24 172.217.16.130 15169 (GOOGLE)
4 5 52.208.254.204 16509 (AMAZON-02)
3 3 104.79.25.60 16625 (AKAMAI-AS)
10 184.30.22.30 16625 (AKAMAI-AS)
1 5 172.217.16.194 15169 (GOOGLE)
10 172.217.18.1 15169 (GOOGLE)
3 142.250.186.36 15169 (GOOGLE)
5 217.79.188.60 24961 (MYLOC-AS ...)
2 217.79.188.46 24961 (MYLOC-AS ...)
1 18.66.97.31 16509 (AMAZON-02)
1 172.217.23.102 15169 (GOOGLE)
1 142.250.184.230 15169 (GOOGLE)
6 175.110.113.203 49981 (WORLDSTREAM)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 184.30.20.22 16625 (AKAMAI-AS)
1 2.19.104.211 16625 (AKAMAI-AS)
1 18.66.147.40 16509 (AMAZON-02)
2 3 76.223.111.18 16509 (AMAZON-02)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
2 216.58.212.131 15169 (GOOGLE)
3 142.251.43.131 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 18.66.26.40 16509 (AMAZON-02)
2 54.72.115.16 16509 (AMAZON-02)
1 2 185.86.138.151 201081 (SMARTADSE...)
2 23.211.9.91 16625 (AKAMAI-AS)
7 99.86.4.102 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
3 18.214.104.9 14618 (AMAZON-AES)
3 216.52.2.30 32475 (SINGLEHOP...)
3 4 46.228.174.117 56396 (AMOBEE)
3 3 46.228.164.11 56396 (AMOBEE)
1 1 69.166.1.34 27630 (AS-XFERNET)
3 18.156.139.59 16509 (AMAZON-02)
1 1 95.101.196.17 16625 (AKAMAI-AS)
2 6 69.173.144.138 26667 (RUBICONPR...)
1 178.63.52.121 24940 (HETZNER-AS)
3 4 167.235.114.248 24940 (HETZNER-AS)
2 2 178.250.1.9 44788 (ASN-CRITE...)
2 2 188.42.34.64 7979 (SERVERS-COM)
2 2 8.2.108.175 46636 (NATCOWEB)
1 37.157.6.233 198622 (ADFORM)
4 4 37.157.2.228 198622 (ADFORM)
1 2 67.220.226.238 16509 (AMAZON-02)
2 217.79.188.21 24961 (MYLOC-AS ...)
1 35.204.158.49 ()
1 3 104.18.26.193 13335 (CLOUDFLAR...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 18.194.23.131 16509 (AMAZON-02)
1 2 52.210.204.82 16509 (AMAZON-02)
1 1 45.137.176.88 60350 (VP)
1 162.19.138.118 16276 (OVH)
7 52.210.15.1 16509 (AMAZON-02)
1 1 52.5.118.137 14618 (AMAZON-AES)
2 2 52.21.252.242 14618 (AMAZON-AES)
2 8.18.47.7 398989 (DEEPINTENT)
1 2 138.201.84.244 24940 (HETZNER-AS)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 13.107.42.14 ()
1 192.132.33.68 18568 (BIDTELLECT)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 185.255.84.152 200271 (IGUANE-)
1 52.213.151.23 16509 (AMAZON-02)
1 35.186.215.140 15169 (GOOGLE)
549 101
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
cdn.ampproject.org
13    142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
43    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
pips.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
2    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    104.26.4.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
8bba9bc6dbc9cbafd4e27a23ef8230e5.safeframe.googlesyndication.com
3    3.233.155.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-155-192.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
7    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
22    190.2.151.10 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-10.hosted-by-worldstream.net
ad.vidverto.io
22    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
www.googletagservices.com
cm.g.doubleclick.net
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    3.124.160.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-160-8.eu-central-1.compute.amazonaws.com
tlx.3lift.com
25    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    3.66.141.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-141-122.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
13    34.250.19.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
ads.servenobid.com
10    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
10    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com
a.teads.tv
22    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
1    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
3    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
15    3.120.69.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-69-56.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidver.to
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
4    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
15    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
3    193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
5    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
7    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
2    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
14    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    190.2.150.148 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-150-148.hosted-by-worldstream.net
ad.mox.tv
2    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
24    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pagead2.googlesyndication.com
5    52.208.254.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-254-204.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    104.79.25.60 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-25-60.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
googleads.g.doubleclick.net
10    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
5    217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
1    18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net
rules.quantcount.com
1    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net
ad.doubleclick.net
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
s0.2mdn.net
6    175.110.113.203 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-203.hosted-by-worldstream.net
cdn.vidverto.io
2    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    2.19.104.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-211.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.66.147.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-40.fra60.r.cloudfront.net
public.servenobid.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
2    216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net
fonts.gstatic.com
3    142.251.43.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: bkk03s01-in-f3.1e100.net
csi.gstatic.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
partner.googleadservices.com
1    18.66.26.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-40.vie50.r.cloudfront.net
adx.holmesmind.com
2    54.72.115.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    23.211.9.91 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-91.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    99.86.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-102.fra6.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
3    18.214.104.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-104-9.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
3    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    18.156.139.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    95.101.196.17 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-17.deploy.static.akamaitechnologies.com
hbx.media.net
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de
hal9000.redintelligence.net
4    167.235.114.248 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.248.114.235.167.clients.your-server.de
sync.richaudience.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
1    35.204.158.49 (None, )

ASN- ()
um.simpli.fi
3    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    18.194.23.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-23-131.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    52.210.204.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-204-82.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
7    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    52.5.118.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-118-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.21.252.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-252-242.compute-1.amazonaws.com
sync.ipredictive.com
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
1    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com
bttrack.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    52.213.151.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-151-23.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
Apex Domain
Subdomains		 Transfer
68 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
trc.taboola.com — Cisco Umbrella Rank: 907
vidstat.taboola.com — Cisco Umbrella Rank: 3587
il-trc-events.taboola.com — Cisco Umbrella Rank: 16209
images.taboola.com — Cisco Umbrella Rank: 1957
pips.taboola.com — Cisco Umbrella Rank: 1909
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-match.taboola.com — Cisco Umbrella Rank: 13197
wf.taboola.com — Cisco Umbrella Rank: 3685
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
cds.taboola.com — Cisco Umbrella Rank: 2514
sync.taboola.com — Cisco Umbrella Rank: 1624
vidstatb.taboola.com — Cisco Umbrella Rank: 9042
am-wf.taboola.com — Cisco Umbrella Rank: 13824 Failed
1 MB
38 googlesyndication.com
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
8bba9bc6dbc9cbafd4e27a23ef8230e5.safeframe.googlesyndication.com
434 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
ad.doubleclick.net — Cisco Umbrella Rank: 180
pubads.g.doubleclick.net — Cisco Umbrella Rank: 359 Failed
408 KB
35 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
fastlane.rubiconproject.com Failed
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
71 KB
28 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum.casalemedia.com
19 KB
28 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30729
cdn.vidverto.io — Cisco Umbrella Rank: 40830
289 KB
22 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
12 KB
16 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
14 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
14 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 1061
image2.pubmatic.com — Cisco Umbrella Rank: 1547
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
simage2.pubmatic.com Failed
simage4.pubmatic.com Failed
21 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3520
public.servenobid.com — Cisco Umbrella Rank: 7575
9 KB
12 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18087
e3.adpushup.com — Cisco Umbrella Rank: 19655
283 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
4 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
secure.adnxs.com — Cisco Umbrella Rank: 806
25 KB
10 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
adpushup-d.openx.net — Cisco Umbrella Rank: 32309
us-u.openx.net — Cisco Umbrella Rank: 863
eu-u.openx.net — Cisco Umbrella Rank: 3562
u.openx.net — Cisco Umbrella Rank: 1024
2 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
17 KB
9 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2247
usersync.gumgum.com — Cisco Umbrella Rank: 2735
rtb.gumgum.com — Cisco Umbrella Rank: 2264
3 KB
9 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 12957
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 59333
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 54096
dsp.adfarm1.adition.com Failed
31 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
6 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 7534
4 KB
5 adform.net
adx3.adform.net Failed
cm.adform.net — Cisco Umbrella Rank: 1654
c1.adform.net — Cisco Umbrella Rank: 954
2 KB
5 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1301
5 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2389
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
1 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
1 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2941
1 KB
4 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3579
cs.yellowblue.io — Cisco Umbrella Rank: 4325
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2250
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
588 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
462 B
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
90 KB
3 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 35069
hal900026.redintelligence.net — Cisco Umbrella Rank: 225954
9 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
69 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
1 KB
3 lijit.com
ce.lijit.com Failed
ap.lijit.com — Cisco Umbrella Rank: 1012
554 B
3 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
2 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
cms.quantserve.com — Cisco Umbrella Rank: 1260
10 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net — Cisco Umbrella Rank: 1062
hbx.media.net — Cisco Umbrella Rank: 1959
10 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
177 KB
3 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10583
757 B
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
332 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16071
41 KB
3 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 35724
sync.aralego.com — Cisco Umbrella Rank: 4312
agent.aralego.com Failed
2 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
701 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1610
60 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
958 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
2 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4144
992 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
60 KB
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42500
201 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
visitor.omnitagjs.com — Cisco Umbrella Rank: 1162
807 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 33779
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19210
c.statcounter.com — Cisco Umbrella Rank: 12701
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
179 KB
1 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 99065
10 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1445
163 B
1 linkedin.com
px.ads.linkedin.com
650 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
1 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 687
921 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2756
680 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 10466
343 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2779
422 B
1 simpli.fi
um.simpli.fi
612 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
625 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
377 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2785
160 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 776901
867 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
549 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
634 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 52748
57 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 12994
259 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
sync.teads.tv Failed
493 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
0 awin1.com Failed
www.awin1.com Failed
0 playground.xyz Failed
ads.playground.xyz Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 audrte.com Failed
a.audrte.com — Cisco Umbrella Rank: 3797 Failed
0 weborama.fr Failed
cr.frontend.weborama.fr Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 erne.co Failed
green.erne.co Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 ctnsnet.com Failed
ipac.ctnsnet.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 tremorhub.com Failed
google.partners.tremorhub.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237 Failed
0 createjs.com Failed
code.createjs.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 primis.tech Failed
live.primis.tech Failed
0 bidr.io Failed
match.prod.bidr.io — Cisco Umbrella Rank: 950 Failed
0 360yield.com Failed
ad.360yield.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 outbrain.com Failed
sync.outbrain.com — Cisco Umbrella Rank: 1259 Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
549 110
Domain Requested by
24 pagead2.googlesyndication.com ads.aralego.com
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
22 onetag-sys.com 4 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
public.servenobid.com
csync.smilewanted.com
www.bg3.co
22 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
19 cm.g.doubleclick.net 13 redirects onetag-sys.com
googleads.g.doubleclick.net
adpushup-d.openx.net
ssbsync.smartadserver.com
www.bg3.co
g2.gumgum.com
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
ads.pubmatic.com
17 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
16 il-trc-events.taboola.com www.bg3.co
15 x.bidswitch.net 11 redirects imprammp.taboola.com
am-match.taboola.com
onetag-sys.com
g2.gumgum.com
ads.pubmatic.com
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 match.adsrvr.org onetag-sys.com
imprammp.taboola.com
am-match.taboola.com
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
www.bg3.co
g2.gumgum.com
ads.pubmatic.com
14 images.taboola.com www.bg3.co
13 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
csync.smilewanted.com
onetag-sys.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
12 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
11 pixel.rubiconproject.com 1 redirects onetag-sys.com
www.bg3.co
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
10 tpc.googlesyndication.com 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.bg3.co
10 eus.rubiconproject.com ads.aralego.com
am-match.taboola.com
cdn.adpushup.com
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
9 image8.pubmatic.com 7 redirects onetag-sys.com
8 ib.adnxs.com 5 redirects cdn.adpushup.com
acdn.adnxs.com
www.bg3.co
ads.pubmatic.com
7 usersync.gumgum.com g2.gumgum.com
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
7 ssum-sec.casalemedia.com 3 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
7 s.amazon-adsystem.com 2 redirects onetag-sys.com
ssum-sec.casalemedia.com
www.bg3.co
7 e3.adpushup.com www.bg3.co
6 token.rubiconproject.com 2 redirects eus.rubiconproject.com
www.bg3.co
6 cdn.vidverto.io www.bg3.co
6 ups.analytics.yahoo.com 4 redirects onetag-sys.com
ads.pubmatic.com
5 imagesrv.adition.com 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
www.bg3.co
imagesrv.adition.com
5 googleads.g.doubleclick.net 1 redirects 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
5 pr-bh.ybp.yahoo.com 4 redirects imprammp.taboola.com
ads.pubmatic.com
5 id.rlcdn.com onetag-sys.com
www.bg3.co
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 c1.adform.net 4 redirects ads.pubmatic.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 pixel-eu.rubiconproject.com 2 redirects onetag-sys.com
4 sync.mathtag.com onetag-sys.com
4 prebid.a-mo.net 2 redirects cdn.adpushup.com
4 trc.taboola.com cdn.taboola.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 us-u.openx.net 1 redirects adpushup-d.openx.net
3 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
cs-server-s2s.yellowblue.io
3 ad.turn.com 3 redirects ads.pubmatic.com
3 sync.1rx.io 3 redirects
3 ap.lijit.com public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
3 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
3 csi.gstatic.com imasdk.googleapis.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 www.google.com 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 secure-assets.rubiconproject.com 3 redirects
3 p.rfihub.com 3 redirects ads.pubmatic.com
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 ads.stickyadstv.com 3 redirects ssum-sec.casalemedia.com
3 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
3 rtb.openx.net cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 www.googletagservices.com securepubads.g.doubleclick.net
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
3 http-intake.logs.datadoghq.com cdn.adpushup.com
3 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 creativecdn.com 2 redirects
2 hal900026.redintelligence.net 1 redirects 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
hal900026.redintelligence.net
2 match.deepintent.com g2.gumgum.com
www.bg3.co
2 sync.ipredictive.com 2 redirects
2 secure.adnxs.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 ad2.adfarm1.adition.com ad4.adfarm1.adition.com
ad2.adfarm1.adition.com
2 aax-eu.amazon-adsystem.com 1 redirects adpushup-d.openx.net
www.bg3.co
ads.pubmatic.com
2 am-wf.taboola.com vidstat.taboola.com
2 us.ck-ie.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 dis.criteo.com 2 redirects
2 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 fonts.gstatic.com ad.vidverto.io
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 ad4.adfarm1.adition.com 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
ad4.adfarm1.adition.com
2 sync.taboola.com am-match.taboola.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 ad.mox.tv 1 redirects onetag-sys.com
2 image2.pubmatic.com 2 redirects
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 ad.sitemaji.com adx.holmesmind.com
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 visitor.omnitagjs.com 1 redirects
1 u.openx.net 1 redirects
1 bttrack.com www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 rtb.gumgum.com g2.gumgum.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects ads.pubmatic.com
1 id5-sync.com ssbsync.smartadserver.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 s.company-target.com 1 redirects
1 um.simpli.fi onetag-sys.com
ads.pubmatic.com
1 eu-u.openx.net adpushup-d.openx.net
1 cms.quantserve.com 1 redirects ads.pubmatic.com
1 cm.adform.net csync.smilewanted.com
1 hal9000.redintelligence.net 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 static.smilewanted.com csync.smilewanted.com
1 8bba9bc6dbc9cbafd4e27a23ef8230e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 s0.2mdn.net imasdk.googleapis.com
1 ad.doubleclick.net pagead2.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 vidstatb.taboola.com www.bg3.co
1 cds.taboola.com cdn.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 pips.taboola.com cdn.taboola.com
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 sync.aralego.com ads.aralego.com
www.bg3.co
1 fonts.googleapis.com cdn.taboola.com
1 secure.quantserve.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 www.awin1.com Failed hal900026.redintelligence.net
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
0 ads.playground.xyz Failed ads.pubmatic.com
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 a.audrte.com Failed ads.pubmatic.com
0 cr.frontend.weborama.fr Failed ads.pubmatic.com
0 sync.crwdcntrl.net Failed ads.pubmatic.com
0 green.erne.co Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 d5p.de17a.com Failed ads.pubmatic.com
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 t.adx.opera.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 agent.aralego.com Failed ad.sitemaji.com
0 sync.teads.tv Failed 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
0 google.partners.tremorhub.com Failed 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
0 sync-tm.everesttech.net Failed 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
ads.pubmatic.com
0 code.createjs.com Failed imagesrv.adition.com
0 pixel-sync.sitescout.com Failed www.bg3.co
ads.pubmatic.com
0 live.primis.tech Failed www.bg3.co
0 match.prod.bidr.io Failed www.bg3.co
ads.pubmatic.com
0 ad.360yield.com Failed g2.gumgum.com
0 stags.bluekai.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 cs.admanmedia.com Failed ssbsync.smartadserver.com
g2.gumgum.com
0 sync.technoratimedia.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 adx3.adform.net Failed imasdk.googleapis.com
0 fastlane.rubiconproject.com Failed cdn.adpushup.com
0 static.bg3.co Failed www.bg3.co
549 185
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
feebee.com.tw
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh

This page contains 93 frames:

Primary Page: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Frame ID: 07230125D834EE841B6D2C872183B39E
Requests: 192 HTTP requests in this frame

Frame: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4CEDA952BCAED1927053AC29D94E4114
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufODU_CCzXt_nwj8845v7IJ-syN7et3Y09dC5LTOHSMQlR48oD3ou3NcpXg3DT9N3_cTtI51UEka_rC3hw1QS9EZAG2B21F6gPXK6nQikk5iLwlXPg8uQ4kkAaIxAmZpecADIIMijYmJS5k2v1_2G5Um5YL7dRcU_LzuLJjKauJr4Ttz8dZFM7eP35wHEOo_DXZvdZUWqmBRDE8hmbouqMbBs8JAeWuWeEZEK_1mxthRawSWz6GjPO1c9PSOMVsAwvlwxiXgsW4Wj2vRlYpKS1NV1REsIb8H2hPQ2QW2dwZ1DwxjXxXN_WrRJVWIB9jt2-mw&sai=AMfl-YSkRk0sSjw4Xj6skuU5liJfiZkkrWr6jqRG3XRz4bgM8WIFOg96CagLQAjNIqbwdyFx3XFMxATOVLnwfm7auDKNJnU2CQUlGyToD99j9nANNouARDs4WD6dacXd-jjlON-tf_ZQp0q71NtfCtU&sig=Cg0ArKJSzGED8-gARC8wEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 336B1F2C20CD190DEDF9C7574D3F19A1
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 4D390FB9910E1D1D19B9C7F0D91C4C00
Requests: 16 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&cmcv=&pix=undefined&cb=1696360859729&uv=3344&tms=1696360859729&abt=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9187ec73-96db-436a-a1fc-76231cc08939&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F3E6C45938F76F4419747C87297BCE80
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: A9E5B23FE6839E99DDB3C128EE766C40
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9AC36ED88583FA787741228A7BCF3C16
Requests: 4 HTTP requests in this frame

Frame: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E587741728C7CB12C310262E1812D08
Requests: 17 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: FDCBF0B68120066872BBB3C0A8A5AD3C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 2DE9BE1FB684B057C738E75F8DB6F013
Requests: 16 HTTP requests in this frame

Frame: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 814EAEB9174517ECDDCC5447526A79E2
Requests: 22 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 904276B395221804733B91C9F1F86A4A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjlxojGATAB&v=APEucNVHv9bfjIB8Ul3Z4S4_-ckpBtq8JhFgpe7lOP9RZVyaG4CAZt0gI2IzMChBCGTrkQO6svb9Rvva0cS_UufS7kns7UAniQ
Frame ID: 108194394A2B8C08BAFE7D7093990076
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNVmh9jYVdSNFq3_xCM0bjWvPkFc7RfXVDy7OvL92uALQCv9kpcNteUkmTRBkUDHt4acKLp_lMmp42db67oMOpWIFoT0VA
Frame ID: 16BC3992A01DF22CFBBA5AB1A688D52B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: A19F40D7E71BFCDCF55A9EEA8DA0A7DF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: F80AA8EA725278AC6CBAAA71E44B4290
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: ACDFF472AF83CA8CE1A108B7EC584D04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Frame ID: 931CE16416D7D084AB644AA10D2DA058
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B0D5F371B33C8D49B14552F7302B4FB7
Requests: 15 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 62221385CFD61D8585E273E69F9C59D6
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 209F2A85BCE53EF4A16AC1E4382CC5DD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4764EDAFCF3AAE78F4E713FF09F17178
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 29A594D8D94EAA79488FBE8155949291
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 403B5F5651D61748763330A29EC32D5D
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: D8659A585975FAF966C2049D01283BF7
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 334A3E59EFD94EB71315D96ADC4F7B5C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696360858728
Frame ID: 5AC27EA1C484A4880EFA803EA236D74B
Requests: 12 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: E41ABA229CCB50F9C3EF5853DB0B10EB
Requests: 7 HTTP requests in this frame

Frame: https://8bba9bc6dbc9cbafd4e27a23ef8230e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 518AFF8FE044F9F12B4B687AC12FAF1A
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: F308186820AA9BEC19B0FA488E252E10
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 8D326422404330C31E5B6FB9FF202D42
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 226C76286DF1F435AB8E4E93FA518F3E
Requests: 9 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 95BB7A83DE853EBEB2F52C6BB2056A94
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 88129809D352AFC5A3877EF150FB6B4F
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 5D2A6F62E2F33925A27C825CFEBDDCEA
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 7EE3F100F7BE13FD88234C181C375100
Requests: 18 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 3E25423620A617D590D70398D267D7E4
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: A198E0C734F1BEC76F8A3F6519E6E65F
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: F70778DBAF5163630902A2A40586387F
Requests: 6 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: E5396E8F677B598AA4EB63993D31B2E0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 6CDC9BBF2379D024493AA4309221BD23
Requests: 13 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: F487B8B1E19E6A3A53F301148635F738
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&us_ps=
Frame ID: 8CC62DF62D5F0F1F1F149A705A8B87EB
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=321&uid=RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
Frame ID: 1DE5A6E845F6A364333A15E232EA58F7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/26f07d88-8d78-5214-9f1d-135efa017af6
Frame ID: 351F0829346E33001B99AC86219B671A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E5443FCEAC6A4D63291866D41E7D28A6
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Frame ID: B4368C0FBB9713C269467A317A4954CA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 38872FEDB443E0DF9558EBD305842AE8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/6a7cae5ade1336596d1a0f1be6d1b16?gdpr_consent=&gdpr=0
Frame ID: 53C74F7BE097E587575752780A3267CD
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 01FB382183B19312C3D5CDD62AEA9F33
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Frame ID: 83AC2B9D12FA25E734C65080E475B128
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE24E87F9ACB61CD474D9C2B293E6D80
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: 01427D982D68F1F8D2D06C09D8C278F4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B6438E190B258D6C0EBCCAE71FBD225A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BA0BE8882FCE19D64D5E02F945B6D84E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58BE3FC4AB73F253A408ADC295CFD0B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E56B4E1F259EBAE19703F130D5B3C077
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=749143749442182727&gdpr=0&gdpr_consent=
Frame ID: F0238796E15DD4D10341DF66905A81C1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZRxpqwAAAcXj6wA_&gdpr=0&gdpr_consent=&_test=ZRxpqwAAAcXj6wA_
Frame ID: CF1B39CAED70465DE154E3F4EAED9C7E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTUzYTI1ZC0wYWVjLTRkODUtYTZlZS1mYzcwZTJmMDk4MWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: F1E23188C6059E026F384464C87156EE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 37EC038028F8B3AE9BF197E5056D64DD
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: E730F64F137E4D1F7BA803D90E53C67E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZRxprMCo8XgAAB9MBacAAAAA
Frame ID: 7215ED4C60ADC40B03364D6B125A6294
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: F8DF24396D881AB685B2697625874294
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=lYArsujLej77SoRkDdQC&pi=gumgum&tc=1
Frame ID: 23ABADD8FE5B3B186A8E12B05884A34D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2D7DEEEC91BC410F975D023EB864045E
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/03/c1/29/Mueller_Multimedia_Emotional_728x90_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285814471751437321%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023273%2526c%253D12478%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: DB55CA689ED3E4AEB12940ED21CABF27
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE946151771DD48316FE54CC141E507D
Requests: 9 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 104498DF48C4F4AA7ADA1A889BEBADB7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE&redir=true&gdpr=0&gdpr_consent=
Frame ID: 7311EE64BD160F212443814DDBF7A329
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: BA3A89FA19D90FED7514D5F079A03464
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 6F3D0C5BF4849541820F0EE626FC7510
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: 90CE96F86885C679B02331C19A22AD93
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E667BE5518273EE7CDEBF5507066B6FD
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: EB3102EE38C2ABFBF76B63A9BE5FE1B4
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 1750B05EE3016BFE83FA120AEB4E0893
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 1219407467FD5EEC8D9BBA8FC0EF5C8E
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 689522EFBA017FB432C069BE800F96B2
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 0F165336702E7AA357DE6628CBB524E0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4C5E348ABF37AD83CBED9D910D0F9E83
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 139B2C274F21347B6F745271760FDD9C
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: B9C8663D1FF3BADE0F148CE629510086
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 6019F4970E4AAF9B4743C97C13EE78B7
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 67E5DE198524A1EF19A07F7AC7F9DEC6
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B44601FB2D37A8722A36CEC096BA4143
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B33B7961D0AE9D3B9EF999ED1E6D8359
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 985B444DFA5EFA193230504B645560A4
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Frame ID: 31A063D529BACF86ECE4B40FBA464645
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Frame ID: 37B3689EAD7F13B4A7CE5DF5CCFDA6F2
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=10444100160732304438270012466026&pv=1
Frame ID: 4C50C83214242F22BC77F9CB9E286BF2
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=10444100160732304438270012466026&pv=1
Frame ID: 8B655E0D5A42EADA614116A5AC966444
Requests: 1 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=10444100160732304438270012466026&a=c132cf0d
Frame ID: 8C8A43358E4A80542FEB5514068821B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E09D0BAC3637B9D4DFA6AB6F2C789CF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

查三中案進黨中央抄紀錄? 北檢:應國民黨之請而前往 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

549
Requests

64 %
HTTPS

0 %
IPv6

110
Domains

185
Subdomains

101
IPs

12
Countries

4310 kB
Transfer

13754 kB
Size

133
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 145
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D4cce4a08-7398-48dd-8b11-2764ddfd7d1f%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&p_id=23
Request Chain 146
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=0880f86d-8537-4015-9abc-b23c27dc500b&p_id=15
Request Chain 156
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
Request Chain 157
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=211986550558328471
Request Chain 158
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
Request Chain 160
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivb8iaTTOH40RMadRvE3VzNNVfm1ss9uYw
Request Chain 161
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=5294539708228200926
Request Chain 163
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=oj5_VhVi-XzeCR5LsEfQdcsgbaF4u1iKjRyVZg0A7ig
Request Chain 164
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVEN0Y2NTEtQzRDQS00NEJCLUFCNjEtNzkxQ0YwOUFCQkJF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPoWnfhjnuVlXm5o5h9vOKA&google_cver=1
Request Chain 166
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
Request Chain 168
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685629981899883&expires=30&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 169
  • https://ad.mox.tv/delivery/sync?userid=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs&p_id=5
Request Chain 184
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 185
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
Request Chain 193
  • https://pr-bh.ybp.yahoo.com/sync/taboola/fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
Request Chain 218
  • https://pr-bh.ybp.yahoo.com/sync/taboola/fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
Request Chain 251
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 262
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
Request Chain 266
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&C=1
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRxpoEP4uUSs6wmDKxJjygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Request Chain 280
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRxpoKMB29AF2oKKN-v8hQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Request Chain 287
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696353664&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696360862363&bpp=774&bdt=4309&idt=2230&shv=r20230928&mjsv=m202309290901&ptt=5&saldr=sd&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&correlator=6480063276513&frm=23&ife=1&pv=2&ga_vid=1308101982.1696360855&ga_sid=1696360865&ga_hid=1562618067&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2300&biw=1600&bih=1200&isw=336&ish=280&ifk=1884372527&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076838%2C42531705%2C42532265%2C31078297%2C31078421%2C31078422&oid=2&pvsid=2791906274561959&tmod=1291524388&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.v5cgd16zd06b&btvi=1&fsb=1&dtd=2296 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 298
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 299
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 304
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=211986550558328471
Request Chain 307
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696360872876 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8515859467 HTTP 302
  • https://sync.1rx.io/usersync/turn/8917603210396078727?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
Request Chain 308
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5109685629981899883
Request Chain 309
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=667fe56d-a50e-4a6f-84d1-93784b211979
Request Chain 310
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 311
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
Request Chain 312
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-0fc48e17-89b8-382e-b8ba-b992b8f39d5f&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAh8iOAE=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.disqus.com/match?bidder=31&buyeruid=db344fbb-7dc6-443d-9c2d-42e7a69de0be&r=Cid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAh8iOAE=&gdpr=&gdpr_consent= HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-0fc48e17-89b8-382e-b8ba-b992b8f39d5f&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAh8iOAI=&gdpr=&gdpr_consent=&us_privacy=
Request Chain 313
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
Request Chain 315
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 326
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=eb197b38-db9e-4dad-b675-1zz1696360863 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-2vmeBotfqpfe78zPaxKtZbpotsTYbv8CQlBY4w&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&us_ps=
Request Chain 328
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696360872877 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2950171757 HTTP 302
  • https://sync.1rx.io/usersync/turn/3297110875437699719?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-37428463-7522-4c7d-83d8-95f30e729ae8-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-37428463-7522-4c7d-83d8-95f30e729ae8-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
Request Chain 330
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=3594415963459389422 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/26f07d88-8d78-5214-9f1d-135efa017af6
Request Chain 331
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 332
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Request Chain 334
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/6a7cae5ade1336596d1a0f1be6d1b16?gdpr_consent=&gdpr=0
Request Chain 336
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Request Chain 340
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1560a79f-dd75-4ecf-891f-924f2409b3d1&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 341
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ImGDGSJt00o5bNBJIWefTXU10xg5MdBPcmEGlMrj
Request Chain 342
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7341292135417961622
Request Chain 343
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=bc99aaf0-2ec1-8f8b-bd65-09a290d15a16 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=bc99aaf0-2ec1-8f8b-bd65-09a290d15a16&dcc=t
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMk_fakEYz8X4kd0UyqxcU&google_cver=1
Request Chain 360
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-WRXiU85E2pnvZxRYP9_XnXf7ZawtEhe6eGroaA--~A&expires=5&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 362
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
Request Chain 365
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFps46a5rBt2Fs37Hth5lo0&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 372
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KFAt-fAXH2h4vyAc6KacI1crTg-TU-dUu96Z8bdKJsE
Request Chain 376
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
Request Chain 388
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 389
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRxpoCfB8eKs5WwsbV25uwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Request Chain 390
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712172073&external_user_id=a600b949-7327-4513-8dd1-922136e21521
Request Chain 391
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_81db2243-eac7-47cc-a98e-849465c417ee&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 392
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZRxpoCfB8eKs5WwsbV25uwAA%263192?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRxpoCfB8eKs5WwsbV25uwAA%263192
Request Chain 393
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 396
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
Request Chain 398
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRxpoeBwz12u3Pl.F0pnQQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&google_hm=2
Request Chain 400
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6a7cae5ade1336596d1a0f1be6d1b16&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7286384391552095810&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/6a7cae5ade1336596d1a0f1be6d1b16?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vWYH_WdE2oNVAboIVDpu3Zz.bUOLRIQDgVSuQE3l~A
Request Chain 401
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2504477341020492423
Request Chain 402
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 403
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629981899883
Request Chain 405
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNAPGI8G-8-VLW HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNAPGI8G-8-VLW HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
Request Chain 409
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmdnRDFJZS1KVnRUeG1LWDl6TVFwc3l6Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGZnZ0QxSWUtSlZ0VHhtS1g5ek1RcHN5emciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D
Request Chain 411
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=211986550558328471
Request Chain 412
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=491f0bfe-72ef-4f92-8107-8dc48d785888&ssp=gumgum2&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b
Request Chain 413
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28629oJu96lJ4NOqMYFzzwMr7iEoj3mp2C9LJ1_5Eqx0cIVs7OSpJ0hCMHaAaaqbAI%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28629oJu96lJ4NOqMYFzzwMr7iEoj3mp2C9LJ1_5Eqx0cIVs7OSpJ0hCMHaAaaqbAI%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&obuid=ENC(629oJu96lJ4NOqMYFzzwMr7iEoj3mp2C9LJ1_5Eqx0cIVs7OSpJ0hCMHaAaaqbAI)&gdpr=0
Request Chain 414
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=137272fd-1a7e-0c27-1a10-9bd830b290b0
Request Chain 415
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
Request Chain 416
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jZfg4udE2pd4IrQbD2kVefJXLuxUtcPvzb_3~A
Request Chain 417
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=ee6af653-2be4-4d10-9b92-abb15c773ce7
Request Chain 419
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=cg5K0YeePjdXt5JYe138&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3HGVFTAWLFMVIGUZCYOQ2UUWLFGEZTQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 420
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Request Chain 421
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=NHwzD3SaqyXD&ev=1&pid=558355
Request Chain 422
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5294539708228200926
Request Chain 425
  • https://hal900026.redintelligence.net/request.php?zone=eoj7iutodpqy&nw=20&renderingType=javascript&namespace=349faaa666&subid=&uid=674fd53d226ddec6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2V8ynGkcZcOPDJDXgAfelLqgAZHB0Jtp0-uDktwP8C4QASC6hMAzYPWFgIDcBMgBCakCl6DsjUuKsT6oAwHIA5sEqgSXAk_Q031Nh2o4pex_bbVpaCuobXJtvKwuwvvx58dewdCWFEzc40Tgi5uCALzfhxBMwN-sQKybNM9iFOPqT6OM2UoVRrsLmHFY6tmROEWdEeGnOAtVcgpMFEPMgE2VhZYLQDpYdJbRR0CqsvEuMWGw-4e4UQ4VP9b9WMDl14QJ4f_i7rnJzlrldCWxSi93UHImnwgmJPCPKcVBw92bpcOLafgfTwqLfaxuHEYCtHkdcP3DpuWRbzGbVi5l0QH4Kh6k7dnIvEveJNy84dSyKZKSKKPymWXlXbsbnRvB5SUfRGnqJpqzCVNIRWZuAZT3WGwWU4OnNnsb93HlENioKBKDgInj11o6v_0Lpo7rrTsXeUq2KWd2DovNNMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj1xO3TzNqBAxWQK-AKHV6KDhSwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIw83u08zagQMVkCvgCh1eig4UEAEYASAAEgI0gPD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE%26sig%3DAOD64_2F9Wf6NZQSRF5fz5B2IqewAAzhpA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Dy0lCCIvxtalMZeyQ-TTREHR2Q0XKYNjFvIyLscrmpn5AFJyIWrp36zKNiZLqvbZeDnE85_VS9V2pdvjWeJNh2LegmFdPWpeZeCVkKBfi4IERR2KysGo0_5Tpex6r-TNG9dmhEFYy8FfHRKtxIcmDbpVAhY11VNElzA8LMNyoyUKYrUW4%26cry%3D1%26dbm_d%3DAKAmf-Dy17OUI7uwlAFN_y7aGe3OAdEiifieXER7ofYBaGlrqa5eTeLDXvAxzGrg_3lp1EgmycVE_hsV9AafLKRI7ZhyErnOryk2U1iI4q22P8L-qaUXH9KAtrXrJMTCacOPeQ1z2BOSkT5qe-aOseF3xvvpTQDSORtJaojBWUidGtu4DEX7T8-lqoKlhnjzWwznAiVOcxElU3luXC4ObIomNpECSB6zQGOQq6nyFXzRATJwKBtVH4V8_CZ8x3xEQ2_Bya8Cnu_KIe3d_x8oBNOvsvOWcmznX6LUwW1xrCkS13VYj7cp_jt3aEvD5egYBuFWdh9_jlBnjAAvo_U82F6ZwzsYbFunMe44Y3wrljkaugJUUM7Lm0RqkPoDCaHkXBqMY97RZmGUVoInXO7xubN45XXqQpcgwbIJlpAgGaS5IKkU5iVM6RVoY0lcqqEGQhzozZrGVTOVxKVHlIX839ACG5TCZrdozD_hX4ZSTbtZsRx7Ab7pO36TCWWPTRzpXcXbnIF96DwCRSn2Epjf6xKi4E-o4rwStaZqR3xX1FM53qTVlbiVD9pJ48FZMyoCDf5VB_nbUIhf0TShgJF1WXcwudG9018Oz2SZQLPWeXOj1mRJ9X2kEkY5Bu52-of3kc73mFNiRnMfouvETzA0mGw9rqyv94R0aQW5RICc6Etsur_c6AMSLMY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9998866726532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900026.redintelligence.net/request.php?zone=eoj7iutodpqy&nw=20&renderingType=javascript&namespace=349faaa666&subid=&uid=674fd53d226ddec6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2V8ynGkcZcOPDJDXgAfelLqgAZHB0Jtp0-uDktwP8C4QASC6hMAzYPWFgIDcBMgBCakCl6DsjUuKsT6oAwHIA5sEqgSXAk_Q031Nh2o4pex_bbVpaCuobXJtvKwuwvvx58dewdCWFEzc40Tgi5uCALzfhxBMwN-sQKybNM9iFOPqT6OM2UoVRrsLmHFY6tmROEWdEeGnOAtVcgpMFEPMgE2VhZYLQDpYdJbRR0CqsvEuMWGw-4e4UQ4VP9b9WMDl14QJ4f_i7rnJzlrldCWxSi93UHImnwgmJPCPKcVBw92bpcOLafgfTwqLfaxuHEYCtHkdcP3DpuWRbzGbVi5l0QH4Kh6k7dnIvEveJNy84dSyKZKSKKPymWXlXbsbnRvB5SUfRGnqJpqzCVNIRWZuAZT3WGwWU4OnNnsb93HlENioKBKDgInj11o6v_0Lpo7rrTsXeUq2KWd2DovNNMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj1xO3TzNqBAxWQK-AKHV6KDhSwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIw83u08zagQMVkCvgCh1eig4UEAEYASAAEgI0gPD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE%26sig%3DAOD64_2F9Wf6NZQSRF5fz5B2IqewAAzhpA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Dy0lCCIvxtalMZeyQ-TTREHR2Q0XKYNjFvIyLscrmpn5AFJyIWrp36zKNiZLqvbZeDnE85_VS9V2pdvjWeJNh2LegmFdPWpeZeCVkKBfi4IERR2KysGo0_5Tpex6r-TNG9dmhEFYy8FfHRKtxIcmDbpVAhY11VNElzA8LMNyoyUKYrUW4%26cry%3D1%26dbm_d%3DAKAmf-Dy17OUI7uwlAFN_y7aGe3OAdEiifieXER7ofYBaGlrqa5eTeLDXvAxzGrg_3lp1EgmycVE_hsV9AafLKRI7ZhyErnOryk2U1iI4q22P8L-qaUXH9KAtrXrJMTCacOPeQ1z2BOSkT5qe-aOseF3xvvpTQDSORtJaojBWUidGtu4DEX7T8-lqoKlhnjzWwznAiVOcxElU3luXC4ObIomNpECSB6zQGOQq6nyFXzRATJwKBtVH4V8_CZ8x3xEQ2_Bya8Cnu_KIe3d_x8oBNOvsvOWcmznX6LUwW1xrCkS13VYj7cp_jt3aEvD5egYBuFWdh9_jlBnjAAvo_U82F6ZwzsYbFunMe44Y3wrljkaugJUUM7Lm0RqkPoDCaHkXBqMY97RZmGUVoInXO7xubN45XXqQpcgwbIJlpAgGaS5IKkU5iVM6RVoY0lcqqEGQhzozZrGVTOVxKVHlIX839ACG5TCZrdozD_hX4ZSTbtZsRx7Ab7pO36TCWWPTRzpXcXbnIF96DwCRSn2Epjf6xKi4E-o4rwStaZqR3xX1FM53qTVlbiVD9pJ48FZMyoCDf5VB_nbUIhf0TShgJF1WXcwudG9018Oz2SZQLPWeXOj1mRJ9X2kEkY5Bu52-of3kc73mFNiRnMfouvETzA0mGw9rqyv94R0aQW5RICc6Etsur_c6AMSLMY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9998866726532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 428
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=749143749442182727&gdpr=0&gdpr_consent=
Request Chain 429
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRxpqwAAAcXj6wA_ HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZRxpqwAAAcXj6wA_&gdpr=0&gdpr_consent=&_test=ZRxpqwAAAcXj6wA_
Request Chain 431
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5WjSo1R2QZS3I2ZgoXcZoA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5WjSo1R2QZS3I2ZgoXcZoA
Request Chain 432
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5BUEdJOEctOC1WTFc= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELvb9EPtElCOKLTTL8Ysj8U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5BUEdJOEctOC1WTFc=&google_push=
Request Chain 434
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM2YTViZjBlMWFjYzU5YzlmOTI5MzA0Nzg2YWNhYjdkMjBhYTNjNg
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN2C19K9zRWVeuOWiqafGzM&google_cver=1
Request Chain 436
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAPGI8G-8-VLW
Request Chain 437
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=u1nmypqKRhGdMJdUCE381w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=u1nmypqKRhGdMJdUCE381w
Request Chain 438
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xA7DsrwhNwseN_gI2GldCA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AUnB5TdE2oKVgzsqTR4QLslYe7RjdaxX37I16Q--~A
Request Chain 439
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
Request Chain 440
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAPGI8G-8-VLW
Request Chain 443
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNAPGI8G-8-VLW
Request Chain 444
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ce06a85f-a5b0-4ba3-a88b-475d5350ac07&expires=30
Request Chain 445
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=103245011659624345
Request Chain 447
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=TRzXViOTUS1rMEklYY4qvp61b0Q
Request Chain 448
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8f7131a5-7da0-4a0e-a20f-6ea933cbf478
Request Chain 449
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2576534935058420359&expires=60&gdpr=&gdpr_consent=
Request Chain 450
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=211986550558328471&expires=30
Request Chain 451
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1918927419
Request Chain 453
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1
Request Chain 460
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRxprMCo8XgAAB9MBacAAAAA
Request Chain 463
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=lYArsujLej77SoRkDdQC&pi=gumgum&tc=1
Request Chain 464
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 465
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRxpoeBwz12u3Pl.F0pnQQAA%263214
Request Chain 466
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=7d163489-4df9-0b25-05f3-92c2b8e11b13
Request Chain 467
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=295918812076127404041
Request Chain 468
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 470
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Request Chain 471
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=cbb63d112b2b132fdce6b1ff7b32a15f
Request Chain 475
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=211986550558328471&gdpr=0&gdpr_consent=
Request Chain 476
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Request Chain 478
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
Request Chain 480
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNAPGI8G-8-VLW HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LNAPGI8G-8-VLW
Request Chain 493
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBDlJSeTkPXkKt0xFHy_y9s&google_cver=1&google_push=AXcoOmT3-Cl3_SL-JAPaHfx0a2ooccoZveptlSSFRdwbgyyPIQZbKzokBl1op-cEF2dSmIAijStr7OuUioPAm29vAhjKK9wdH2Wz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAzMjQ1MDExNjU5NjI0MzQ1&google_push=AXcoOmT3-Cl3_SL-JAPaHfx0a2ooccoZveptlSSFRdwbgyyPIQZbKzokBl1op-cEF2dSmIAijStr7OuUioPAm29vAhjKK9wdH2Wz
Request Chain 494
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIrm9gC5cYVVjJbswr6t3_A&google_cver=1&google_push=AXcoOmTNigDkFkW2sOA8lGth6xX2DaQEKpCeO3VAffpV2e8tFmpfyhIdwV6VjlalLbd6n9k3OVKOdnPXBGp9VLW7FWb3-IGvHupr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTNigDkFkW2sOA8lGth6xX2DaQEKpCeO3VAffpV2e8tFmpfyhIdwV6VjlalLbd6n9k3OVKOdnPXBGp9VLW7FWb3-IGvHupr&google_hm=OxlcsZvtjV-bH8eCK_urTA==
Request Chain 501
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

549 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
www.bg3.co/a/ 		56 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
46660c65bda2bf39154796ab450adbfcfc638c79f158f69d51805b541244c443

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 19:20:47 GMT
etag
"ded2-9G9gtPqjJNEx8VNmZDdiDs5N0bI"
expires
Tue, 03 Oct 2023 19:21:47 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 03 Oct 2023 19:20:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73010
x-xss-protection
0
server
sffe
etag
"b44d49b4390daba4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 19:20:49 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 03 Oct 2023 19:20:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9649
x-xss-protection
0
server
sffe
etag
"72b1ab72fa86fbb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 19:20:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8a47301b057a3e76db81dd861ed632bb0ed98e5fcda1d2b5844d0b12754f5378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29382
x-xss-protection
0
server
cafe
etag
446 / 19633 / m202309280101 / config-hash: 18346230598739657090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:20:52 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4bbeede6ecb96095a8feb376bb4b9b34e00d8e6b87a17711af3e11e646fd32fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91457
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 19:20:52 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Oct 2023 13:24:21 GMT
server
cloudflare
age
30623
etag
W/"651ac485-a1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
81078b681dea0e34-AMS
expires
Tue, 03 Oct 2023 22:50:25 GMT
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 19:20:52 GMT
content-encoding
br
age
43697
x-cache
HIT
x-client-device
desktop
content-length
10032
x-ap-device
DESKTOP
last-modified
Tue, 03 Oct 2023 07:00:26 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Tue, 03 Oct 2023 20:20:52 GMT
adpushup.js
cdn.adpushup.com/42753/ 		681 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 19:20:48 GMT
content-encoding
br
age
382792
x-cache
HIT
x-client-device
desktop
content-length
145467
x-ap-device
DESKTOP
last-modified
Thu, 28 Sep 2023 16:35:35 GMT
server
ECAcc (frc/4CC5)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Tue, 03 Oct 2023 20:20:48 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		563 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bab0cd22b812fe187ea78dafbff485c8ecb9d755fa5ea9d75912a3b39bc3c93f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Yr7T8HrVNyhK_41shFiUGwuYGOTG3VKh
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:51 GMT
x-amz-request-id
Q5VP37PGSS4W8PYR
age
8476
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
19
x-amz-replication-status
FAILED
content-length
55613
x-amz-id-2
Q1P59Q6s18VUx0z69Bi3nXbLLmSKJynU8wo91g1ubox+17eHcFpe7P/dWYy+CDBNKv12uUT6+Wg=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 16:56:26 UTC
server
nginx
x-timer
S1696360852.685261,VS0,VE2
etag
"b2f93b8cd76a1298ee7dd43eb93f7969608cd8b6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
21
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11992
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kuvqjt6rSP%2FXGvIqd34cwZp43O3lOGSa0sz5c4P4khcztjpg19P6%2FyPQ31UX3st%2BL2EK6RxJlHqYDJ4vfzg2m%2FkU%2Fdji06Ewbfso9uaCxlV9lnNr3S1ivINJZk4k2F3rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81078ba11dc9368b-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
t.php
c.statcounter.com/ 		192 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=48D3BB29BEED4FDC146B627280EA84FC&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&t=%E6%9F%A5%E4%B8%89%E4%B8%AD%E6%A1%88%E9%80%B2%E9%BB%A8%E4%B8%AD%E5%A4%AE%E6%8A%84%E7%B4%80%E9%8C%84%EF%BC%9F%E3%80%80%E5%8C%97%E6%AA%A2%EF%BC%9A%E6%87%89%E5%9C%8B%E6%B0%91%E9%BB%A8%E4%B9%8B%E8%AB%8B%E8%80%8C%E5%89%8D%E5%BE%80%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=6729&sc_rum_e_e=6734&sc_rum_f_s=0&sc_rum_f_e=6726&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
81078b7a7a580e34-AMS
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1122755
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230051-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696360856.620209,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 1006404
1dc5d8f6bac9baf1984e8150b42af527.jpg
static.bg3.co/imgs/202105/ 		0
0
1dc5d8f6bac9baf1984e8150b42af527.jpg
static.bg3.co/imgs/202105/ 		0
0
9d4e5227cdf0d0b5578970a34707c831.jpg
static.bg3.co/imgs/202105/ 		0
0
ba1f660f44b5931935dc7b36cd58c21e.jpg
static.bg3.co/imgs/202105/ 		0
0
530930b9f9b51f70c9bb636b9d9810d0.jpg
static.bg3.co/imgs/202106/ 		0
0
8be601b31d814223b5e000c61c6d472e.jpg
static.bg3.co/imgs/202106/ 		0
0
2cc24dc2688f4dd452d02d774e3bdee5.jpg
static.bg3.co/imgs/202309/ 		0
0
c38345dbc0703949cd680e0cdb542137.jpg
static.bg3.co/imgs/202106/ 		0
0
65cf89826caee312701ad3a998e5feef.jpg
static.bg3.co/imgs/202105/ 		0
0
b1ad12c25d0ba1ea81c996d2a66ec2de.jpg
static.bg3.co/imgs/202309/ 		0
0
15b769bff042bc60cb87e76e3ccf8b9e.jpg
static.bg3.co/imgs/202106/ 		0
0
51d94f19a2b6ed48e781e17f0087c025.jpg
static.bg3.co/imgs/202105/ 		0
0
c5602d9b70c481ecd5a7d08bdc64ff18.jpg
static.bg3.co/imgs/202309/ 		0
0
f1cb25a3aeee8a7bdff33891289f4a8c.jpg
static.bg3.co/imgs/202105/ 		0
0
18a2f0234a530e8d4f57614cd695e23b.jpg
static.bg3.co/imgs/202106/ 		0
0
5dec899bb48f567340fe6750eb50042c.jpg
static.bg3.co/imgs/202105/ 		0
0
ef0d322a5ce0a5b986048d81f0556696.jpg
static.bg3.co/imgs/202106/ 		0
0
7612196309399d6869387afcefa35059.jpg
static.bg3.co/imgs/202105/ 		0
0
4843e3bbef1d0a0713faad8ff3aa5bd9.jpg
static.bg3.co/imgs/202309/ 		0
0
7ccdd9e8a932a0e11107926d7fdf6893.jpg
static.bg3.co/imgs/202105/ 		0
0
f4625643e46d251a850911015d3b9889.jpg
static.bg3.co/imgs/202105/ 		0
0
c8ea24c37c7d9cf6dfbdd3fc5ec9a949.jpg
static.bg3.co/imgs/202105/ 		0
0
2092c18465e675c85c32d75738dc98cc.jpg
static.bg3.co/imgs/202309/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:02 GMT
age
604193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2976
x-xss-protection
0
server
sffe
etag
"07fb3dc7eac63481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:02 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:02 GMT
age
604193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3936
x-xss-protection
0
server
sffe
etag
"3d96bab6a7d5a37d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:02 GMT
impl.20231003-9-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5e79e3732bbbae1bf9807c0bb412a312efaf38da68ca7a90e4558c192af2ee24

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
im78naZw0f.pUwqPC7vJhfi9ZafTafax
content-encoding
br
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:53 GMT
x-amz-request-id
NW5YV2WXR2EVJR5C
age
4393
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171935
x-amz-id-2
+plOcc2fVoQsamuuO2wtNidGV3ZI4cR2Jook0HKF8MZ4BrbdrqGSLSKTaq3M3JADfkBTHyfLuHQ=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 09:59:30 GMT
server
AmazonS3-br
x-timer
S1696360854.842978,VS0,VE0
etag
"9fd15e78bb04560827b357a5c3482fb5"
vary
Accept-Encoding
content-type
application/javascript
abp
56
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
268
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1560225
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230051-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696360856.620209,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 31511
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3a20&_p=10720756&cid=1308101982.1696360855&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696360854&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=%E6%9F%A5%E4%B8%89%E4%B8%AD%E6%A1%88%E9%80%B2%E9%BB%A8%E4%B8%AD%E5%A4%AE%E6%8A%84%E7%B4%80%E9%8C%84%EF%BC%9F%E3%80%80%E5%8C%97%E6%AA%A2%EF%BC%9A%E6%87%89%E5%9C%8B%E6%B0%91%E9%BB%A8%E4%B9%8B%E8%AB%8B%E8%80%8C%E5%89%8D%E5%BE%80%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		413 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:13:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
11238
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 16:13:36 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
242837
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		75 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=21%3A20%3A55.584&lti=deflated&data=%7B%22id%22%3A208%2C%22ii%22%3A%22%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696330027877%2C%22vi%22%3A1696360855581%2C%22cv%22%3A%2220231003-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html%22%2C%22vpi%22%3A%22%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3409%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2561.171875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4059a11408bfcad3bff05e2c3af1be2be3118b339b6122b292aaadca3c1aaefb

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
359
date
Tue, 03 Oct 2023 19:20:55 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.3708333333333333
x-fastly-to-nlb-rtt
64352
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696360856.617329,VS0,VE359
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=470035721814119&correlator=4014477919766790&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696360856289&lmt=1696353656&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1308101982.1696360855&ga_sid=1696360856&ga_hid=10720756&ga_fc=true&dlt=1696360848121&idt=8133&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
d26936a8e0043ea3537f28bedc3ad61cccb0eec4a9827343904ab734387a0619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12570
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4CED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:20:57 GMT
expires
Wed, 02 Oct 2024 19:20:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-192.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 19:20:56 GMT
content-encoding
br
age
1655393
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 19:20:56 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 19:20:56 GMT
content-encoding
br
age
4623678
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 19:20:56 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 03 Oct 2023 19:20:56 GMT
content-encoding
br
age
1655393
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 19:20:56 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYzNjA4NTY2MjIsInBhY2tldElkIjoiMDAwMEE3MDEtZDUyZGU5YWYtZWM4Mi00NTgzLTkzMmYtNmZiYTcxZWMwNzEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYS1zYW4temhvbmctYW4tamluLWRhbmctemhvbmcteWFuZy1jaGFvLWppLWx1LWJlaS1qaWFuLXlpbmctZ3VvLW1pbi1kYW5nLXpoaS1xaW5nLWVyLXFpYW4td2FuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=11938
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:57 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYzNjA4NTY3MzIsInBhY2tldElkIjoiMDAwMEE3MDEtZDUyZGU5YWYtZWM4Mi00NTgzLTkzMmYtNmZiYTcxZWMwNzEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYS1zYW4temhvbmctYW4tamluLWRhbmctemhvbmcteWFuZy1jaGFvLWppLWx1LWJlaS1qaWFuLXlpbmctZ3VvLW1pbi1kYW5nLXpoaS1xaW5nLWVyLXFpYW4td2FuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=12048
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYzNjA4NTY3MzYsInBhY2tldElkIjoiMDAwMEE3MDEtZDUyZGU5YWYtZWM4Mi00NTgzLTkzMmYtNmZiYTcxZWMwNzEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYS1zYW4temhvbmctYW4tamluLWRhbmctemhvbmcteWFuZy1jaGFvLWppLWx1LWJlaS1qaWFuLXlpbmctZ3VvLW1pbi1kYW5nLXpoaS1xaW5nLWVyLXFpYW4td2FuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=12052.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYzNjA4NTY3MzksInBhY2tldElkIjoiMDAwMEE3MDEtZDUyZGU5YWYtZWM4Mi00NTgzLTkzMmYtNmZiYTcxZWMwNzEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYS1zYW4temhvbmctYW4tamluLWRhbmctemhvbmcteWFuZy1jaGFvLWppLWx1LWJlaS1qaWFuLXlpbmctZ3VvLW1pbi1kYW5nLXpoaS1xaW5nLWVyLXFpYW4td2FuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=12055.20000076294
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
790 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=470035721814119&correlator=1682955072163989&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696360856747&lmt=1696353656&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1308101982.1696360855&ga_sid=1696360856&ga_hid=10720756&ga_fc=true&dlt=1696360848121&idt=8133&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_12_0_pv%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_e&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
40773d3960abc50e66a2683ba0b3dd0637638378aa31e00da86b4735ccd0ec27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
583
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ca7a8672a07fab48b90d072b49a0b88a112113c195f43526dd9ab8c60145ecd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:26:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
24876
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13159
x-xss-protection
0
server
cafe
etag
16611791723324671441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 12:26:20 GMT
block.jpg
delivery.adrecover.com/ 		631 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1696360856756
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 02 Oct 2024 19:20:56 GMT
date
Tue, 03 Oct 2023 19:20:56 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
4090532
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYzNjA4NTY3MzIsInBhY2tldElkIjoiMDAwMEE3MDEtZDUyZGU5YWYtZWM4Mi00NTgzLTkzMmYtNmZiYTcxZWMwNzEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYS1zYW4temhvbmctYW4tamluLWRhbmctemhvbmcteWFuZy1jaGFvLWppLWx1LWJlaS1qaWFuLXlpbmctZ3VvLW1pbi1kYW5nLXpoaS1xaW5nLWVyLXFpYW4td2FuZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=12079.20000076294
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:57 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
floating-unit.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8647c3cdde2a08bb1de628a786e9607c1cfd69f8620f0b004b1e0eb13e9c501

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8s_DViAPZUyyFsHMf3y.XKS99HG44Wh.
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:56 GMT
x-amz-request-id
Q91W8NA3XEX7QBYA
age
31056
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
ZiQboCNW2v4DRJ8M0arF5ZG2Vgfkhqpwk/hm2Oyvf9sfcz7ix4dRelJU3saYtrNNT2+G4FZqZMQ=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:43:21 GMT
server
AmazonS3
x-timer
S1696360857.940305,VS0,VE0
etag
"9302a89d82d448058c541a3e803f8b05"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
94
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10692
taboola-vignette-new-scanning.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c15ccf4d265cf5f2b9bf8a4f591ccfaf190f264d0227fa1d37f4390fb14d5f87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bmU1uHvwScFLhTrZ1EdjHg3BxE4OcC9P
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:56 GMT
x-amz-request-id
DS82NX21W3DVQ83H
age
30995
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
E/UxYlBleaZ3iDamfyf2ITmrwfVslHGRKQAkGOjRKHcXSB19XThK+O1udy0pXK9zpINfsI7hmrM=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:44:22 GMT
server
AmazonS3
x-timer
S1696360857.940320,VS0,VE0
etag
"d5bf25530537f37e17642271edea36e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8242
distance-from-article.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90c5cb30608837e3f31706fad97926bf58dc6e8e586f25b26cd9575bb48f7706

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SMxoV_1G2bPBHHPyv65j29toj8WbxYVa
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
347ZAKWJA16PCCYC
age
31088
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
ZO8O1PTRXv3/F55xWuzzTUEEPXi6OeqTpclANXe6cmAUn7NbIzSsQ694AeBiKFj8IyQWYhYfWec=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:42:49 GMT
server
AmazonS3
x-timer
S1696360857.127286,VS0,VE0
etag
"fba1cab2be05b89de3b4a5f374570490"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
104302
article-detection.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5980a644111865c17f116417e51593a3a427e7a25130c6029bf2da0d10d79146

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4Pxdi2ZN_qLbgYtLsHwlgNgnk0ZhfDqC
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
CR4ZH69YABXDMAK4
age
31110
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
6UJZbFU9wQ//4TYEHMth/hMjhmwAqPsie8IPXFXILqSdcze3ymjT0xQKqW2rUq8lpPCVdbsxZ0Y=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:42:27 GMT
server
AmazonS3
x-timer
S1696360857.222382,VS0,VE0
etag
"504c6c3dee15b1e3d14bbe2c133783f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
96
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
104655
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.9/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6cf7f6b545e3bca01c1d76754a14719ce1329ab67177bd145767c2f2bc75fd8

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
31400
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34324
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Tue, 03 Oct 2023 10:37:22 GMT
server
AmazonS3
x-timer
S1696360858.234580,VS0,VE0
etag
"1181e33be6e95d56261bd3572bdb31d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
VnOQqcgNvJd8krScFwjdojRzByzEWPAhjW_3PNjOf14jCRgoMvbOeA==
x-cache-hits
6079
feed-card-placeholder.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e642d00afcb3f47c8b418e9322522e6f32cb0bc6d0e6ff0f69bdb890a0c1e10

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
b.bRJhyE_M.UcYh4CXnwDatiQkwMmJ4d
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
Z75J94QYD1DJ7XA0
age
31073
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
rRG4ZQAjED8z49ga5G9RD+iecw+W6VEwt/HKWIKRONVfivpAwWZe5Z/8rAptLelKv4ndiM/fI4A=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:43:04 GMT
server
AmazonS3
x-timer
S1696360857.221754,VS0,VE0
etag
"98f30df1dba99f07e6fbf17e11f8e6c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
19
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
89987
userx.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63499d6c49a6a813ee86e89bdfff444d23c29917fc366ff8fa18ab7244fdfd2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
V1ICWd9P6FlbX5kl8wLhqcKqeSAcEBLg
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
FZK4K60TB4PWXGZB
age
30986
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Sv/4XX5J9cBbSXuqALjO430HYT3c6fFtMd41MnaM4xPsu/gYuvt6SANyMoKJAsJQj8gaamreP4s=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:44:31 GMT
server
AmazonS3
x-timer
S1696360857.221715,VS0,VE0
etag
"4f2c93be6370d9ffbabd92e8fe593a87"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
24657
explore-more.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ada6435de11f15eba4e529b72fcd1bb6bc28e68e58400715586648a9ca330c88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8Zm1Y_de0oUxsK1csdM9gN4_qSBWriNL
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
DT5VE9TZJ7B4G5N6
age
31079
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
gkQj/bLsHhBWrkpETX9vo4XSsOGJQ4mtSGp+gpOYegGPyMPorCKuyU/thX7LqTXyMu71lLU8QkQ=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:42:58 GMT
server
AmazonS3
x-timer
S1696360857.221697,VS0,VE0
etag
"d4812d5ed92b47fe2875bdc57c9074f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
50991
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=21%3A20%3A56.864&id=6281&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1696360856865%7D&tim=21%3A20%3A56.865&id=1235&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696360856878%7D&tim=21%3A20%3A56.878&id=5762&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A20%3A56.913&id=1869&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A20%3A56.916&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9686&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
59768
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A20%3A56.917&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1056&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
59768
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A20%3A56.923&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3354&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
59564
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A20%3A56.925&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8253&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
59564
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A20%3A56.930&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7734&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
59564
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
39
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1696360857.221666,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
74
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
83
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77dfcd4be914b9e59d398c8c45b4adde75246ba1aa5438b8b8373c7f80af3a6f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_690%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1096780
edge-cache-tag
461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
472
expiration
expiry-date="Tue, 26 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ulm-news.de/
content-length
105596
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200065-IAD, cache-iad-kiad7000142-IAD, cache-iad-kjyo7100107-IAD, cache-fra-eddf8230085-FRA
last-modified
Sat, 26 Aug 2023 06:37:11 GMT
server
nginx
surrogate-reporting
width=1194,height=896,owidth=1344,oheight=896,obytes=2183212
x-timer
S1696360858.171760,VS0,VE10
etag
"208b5e98b1735467f15b4f9869c3cbb9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
4099221
edge-cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
329
expiration
expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/Calcio/Nazionale/13-09-2023/frattesi-due-gol-per-la-storia-felice-ma-non-mi-fermo.shtml
content-length
77796
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kiad7000113-IAD, cache-iad-kjyo7100056-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 10 Aug 2023 20:02:04 GMT
server
nginx
x-timer
S1696360858.172080,VS0,VE19
etag
"71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 31, 1
nYim6X6SYHYMpRj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d52df9fabaed1fef20e9bcacbdafdaa0d0f6d07ef28c580fe47c0f14a0053ad3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
age
1352699
edge-cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
321
expiration
expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/
content-length
9756
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kjyo7100076-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230085-FRA
last-modified
Mon, 21 Aug 2023 16:40:54 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=625,obytes=103339
x-timer
S1696360858.171747,VS0,VE2
etag
"0adc8ec46c2767904c6ee865def1f1ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 514, 1
9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd44edba344915bf6be3cfb45b865ee4be9991a56b47a8d4f6691491d7d8a786

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
age
4113497
edge-cache-tag
565218022308872277084972768976654244803,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
565218022308872277084972768976654244803,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
244
req-referer
https://www.wcax.com/
content-length
22906
x-request-id
c6c0ea2b840b8b2ed03a79f803c66573
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000030-IAD, cache-iad-kcgs7200143-IAD, cache-sna10745-LGB, cache-iad-kjyo7100032-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 27 Jul 2023 15:53:21 GMT
server
nginx
x-timer
S1696360859.606547,VS0,VE7
etag
"efb39a55bf2c714b07b34cd6c3d2eb0c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 1334, 1
Fliesen.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8dab78e34737f302fc6a2d7d39e8772b6de5252506b8bdadf001b640c2d45aae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tippsundtricks.co/2017/03/Fliesen.png
age
2334402
edge-cache-tag
624237704448984462090471028767463012506,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
624237704448984462090471028767463012506,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
799
expiration
expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.mathepower.com/
content-length
104646
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200162-IAD, cache-iad-kiad7000098-IAD, cache-iad-kjyo7100043-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 23 Aug 2023 00:22:05 GMT
server
nginx
x-timer
S1696360859.997244,VS0,VE2
etag
"f3478fa97c2e81b66d470a944e9686c4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 20, 1
a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f06e995e4dc83d1edb761524da0dcf7bd79b0cd59a575850194b66c3a61796f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 03 Oct 2023 19:20:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age
1275979
edge-cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
205
expiration
expiry-date="Mon, 25 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://games.espn.com/
content-length
37056
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kjyo7100174-IAD, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 25 Aug 2023 17:08:17 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=600,obytes=1177283
x-timer
S1696360859.332345,VS0,VE0
etag
"0ec732c9c56a789a455588321467fe27"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 9228, 2
46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40c2dda7f80a37363f89d43724bb2c00820758060ac342f66d1689be7737040f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 19:20:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age
554729
edge-cache-tag
449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
118
req-referer
https://www.gazzetta.it/
content-length
7354
x-request-id
ecb9eae3cd2ba4fc98ed930a32b6eabc
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000065-IAD, cache-iad-kiad7000165-IAD, cache-iad-kjyo7100147-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 27 Sep 2023 09:15:31 GMT
server
nginx
surrogate-reporting
width=635,height=352,bytes=15435,owidth=635,oheight=430,obytes=258520
x-timer
S1696360859.476320,VS0,VE2
etag
"9eef29181348c91fd85eeaf4c8fef123"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Tue, 03 Oct 2023 19:20:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1865797
edge-cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://joydelivery.com/
content-length
89246
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100068-IAD, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 16 Aug 2023 19:59:42 GMT
server
nginx
surrogate-reporting
width=1344,height=746,owidth=1344,oheight=896,obytes=2183212
x-timer
S1696360860.598050,VS0,VE5
etag
"ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7, 1
9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01bb7f1459cb1ca872a96ae3f39703a771b599a2690d60ae83b4f361c5c56349

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 03 Oct 2023 19:20:59 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
age
2223999
edge-cache-tag
565218022308872277084972768976654244803,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
565218022308872277084972768976654244803,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
320
expiration
expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://duckswire.usatoday.com/
content-length
68200
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200082-IAD, cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230085-FRA
last-modified
Mon, 14 Aug 2023 13:43:57 GMT
server
nginx
x-timer
S1696360860.921425,VS0,VE9
etag
"721e223d6a9925c980e72e76d9ca7a74"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 63, 1
a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4cc3c276bb1787b7080ea3cc296a84f7d4dcf781592ad14cabc3ec9ff497d682

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Tue, 03 Oct 2023 19:21:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age
1275981
edge-cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
214
expiration
expiry-date="Mon, 25 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ouest-france.fr/
content-length
117914
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kjyo7100129-IAD, cache-iad-kiad7000032-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 25 Aug 2023 17:08:17 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=600,obytes=1177283
x-timer
S1696360860.001523,VS0,VE6
etag
"0ec732c9c56a789a455588321467fe27"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1305, 1
46c4bfc88edd35b898ac6b5b5d7fdf61.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6090302c974abaf082b19cafc3af71e27c761ec5b07c98f4f19ba4b59af9d0f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Tue, 03 Oct 2023 19:21:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46c4bfc88edd35b898ac6b5b5d7fdf61.png
age
554729
edge-cache-tag
449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
449086405388078158053108571683208432630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
243
req-referer
https://frequence-turf.fr/
content-length
15790
x-request-id
ecb9eae3cd2ba4fc98ed930a32b6eabc
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000065-IAD, cache-iad-kjyo7100101-IAD, cache-iad-kiad7000044-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 27 Sep 2023 09:15:31 GMT
server
nginx
surrogate-reporting
width=635,height=352,bytes=15435,owidth=635,oheight=430,obytes=258520
x-timer
S1696360860.001423,VS0,VE4
etag
"9eef29181348c91fd85eeaf4c8fef123"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
view
securepubads.g.doubleclick.net/pcs/ Frame 336B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufODU_CCzXt_nwj8845v7IJ-syN7et3Y09dC5LTOHSMQlR48oD3ou3NcpXg3DT9N3_cTtI51UEka_rC3hw1QS9EZAG2B21F6gPXK6nQikk5iLwlXPg8uQ4kkAaIxAmZpecADIIMijYmJS5k2v1_2G5Um5YL7dRcU_LzuLJjKauJr4Ttz8dZFM7eP35wHEOo_DXZvdZUWqmBRDE8hmbouqMbBs8JAeWuWeEZEK_1mxthRawSWz6GjPO1c9PSOMVsAwvlwxiXgsW4Wj2vRlYpKS1NV1REsIb8H2hPQ2QW2dwZ1DwxjXxXN_WrRJVWIB9jt2-mw&sai=AMfl-YSkRk0sSjw4Xj6skuU5liJfiZkkrWr6jqRG3XRz4bgM8WIFOg96CagLQAjNIqbwdyFx3XFMxATOVLnwfm7auDKNJnU2CQUlGyToD99j9nANNouARDs4WD6dacXd-jjlON-tf_ZQp0q71NtfCtU&sig=Cg0ArKJSzGED8-gARC8wEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 03 Oct 2023 19:20:57 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:57 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 03 Oct 2023 20:20:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 336B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:20:58 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231003
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478bf656d14a54eb37d140e2ab2035b97d3f48e9eeeae540661f1a0f4c44bfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12008
x-jsd-version
1.0.1832
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-bAvnhruO8FNgjanV9h+ubvs0+Zo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toF1EyTi0k9QQpekwA5v6Gj%2BY4wW4Z2Jl1djsvPj4iZsJAvGXvWpmWExVwGMTeleEPV5TfgJzJ7mxoSgs6ToDUQfX3xttLp8zBj8ZdPCuFBmLyyas1un09f92pFGg5sJgDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81078ba72830049e-CDG
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 19:20:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.160.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-160-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:58 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b3ff9bec45a453cbb9c8a29e68449d3323f21bd9a85b27ecdf5aee7bee520c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyI%2B4apG5ok%2FlTXm%2FZmLhjWEohaZrqweQwKyMYrutFxGi9aIfwiaNTi5mR8rhg1qGmnzp8XtoMDGU3F%2BGI4cDBkvHmZSfeKg%2F0wM%2BGOx8%2FGD5%2BDrTzctTU4j1WqJLzARUWnGUsx%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81078ba95ed70211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b3ff9bec45a453cbb9c8a29e68449d3323f21bd9a85b27ecdf5aee7bee520c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7NdMjVkkRrMFBMC0noIjEZuLasMAVK2Yf5qNduMG8NW5NWsadnyh5GYaxU7q1EJjPc4JcATLsFsA%2BW6zVC0OWnHTfxuG9Qhi0DeXevBEY0yX%2BPne%2F10Jg%2FXz3b1Nya6gFgDjHKR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81078ba95edc0211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b3ff9bec45a453cbb9c8a29e68449d3323f21bd9a85b27ecdf5aee7bee520c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhOFhLB%2FgdegKAnNoJEAW%2BJiwd4xlIoOchPWnJolkLQdWmFwr1%2FQyvSCUbJ5%2FajgN0Gkr1YEYzjvhA3qIcWcftu8PjQD98%2B4spYMzhN%2Fr6LA2LNBVlUHrHxqt6lBZ4%2BbPJLWoF0p"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81078ba95eda0211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.141.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-141-122.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a9a0b4f709c3e13dc8e7457a389518bcb2f697ee2791a72cae9b9f10e1808dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Oct 2023 19:20:59 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
9812
adreq
ads.servenobid.com/ 		981 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8400
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4dfcff1102e90214c00c627d7d4f5ae80af74d3069515a588711a98b1d3e0c33
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:58 GMT
an-x-request-uuid
3ea84b4d-6dd5-4589-b986-11ef32c2791b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
256
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c5c6d4292e2d0439f3e5417b8676ce9fb4f8f1a3244f03f429e166e9caf48e32

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 19:20:58 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
66dc4a429a90befdec96c1ab1e414d99552fb0e5e4acba0bab288fe8c10b7b4a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81078ba46c6f9b45-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81078ba46c719b45-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=91262353381&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 19:20:59 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:20:57 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
7
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
079b184279ccac0f38209131164c312234c0067ba99495e224bcc7fa1dc3c315

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:20:58 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 03 Oct 2023 19:20:58 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:01 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 10 Oct 2023 19:21:01 GMT
next-up-widget.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa64ff458d93e79b8853fd55ac7a09f6d6d1e102382f334d50a3c42c21717ab3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IMDiBh7szuKfUj9sEVXzA.xSBp1zyy88
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
XXTF1K1KVENZ2MYM
age
31048
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
Nl8ZUaVvtN4i9hrBkC9DWal/+p4s17BCh5fHc/W9iKXKxfxtSJZWIja4BCc8sKYKrjUeygFlbwg=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:43:30 GMT
server
AmazonS3
x-timer
S1696360858.705924,VS0,VE0
etag
"84f51f780c53b0f58e0691c8ab013e77"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
40
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10394
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A9596%7D%22%2C%22eventTime%22%3A1696360857715%7D&tim=21%3A20%3A57.715&id=7750&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 18:59:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Oct 2023 19:20:59 GMT
spa-detector.20231003-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231003-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a699c50dfb7042fb0b8b00489e1b467d26cbfb1cfed4c584503d4413f0eb30d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LzXVyPfXe1o2SjcbV0oH6UQOzX1jm64K
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:57 GMT
x-amz-request-id
ERJNQFMZYKF5TD3Y
age
31026
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
/N3jcSrDBY3Y05AT5VhHzXsk+3vLULcEApMv4ZbgbCyRKK5oo6Xvn7ov6Qm/yanqAgZAHkbc8wc=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Tue, 03 Oct 2023 10:43:53 GMT
server
AmazonS3
x-timer
S1696360858.810352,VS0,VE0
etag
"e2c37488fa879cf24222a54a1b5dfc8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
51882
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A20%3A57.782&id=2951&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696360857783%7D&tim=21%3A20%3A57.783&id=626&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A20%3A57.785&id=9898&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696360857787%7D&tim=21%3A20%3A57.787&id=7989&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=2888f8fcdcbad20df96c85e27c57b465&sd=v2_1e8039bcd67740d88f1c5bd0e22cea3a_fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17_1696360855_1696360855_CNawjgYQ2YJdGJ3w8bevMSABKAEwKziy0A1Az4gQSJCL2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&pi=/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&wi=-3521369412662078886&pt=text&vi=1696360855581&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.171875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A20%3A57.813&id=8219&llvl=2&cv=20231003-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Oct 2023 19:20:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=21%3A20%3A57.823&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7953&cv=20231003-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
66492
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=-48&tvi50=12238&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
79
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64071
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1696360858.061039,VS0,VE79
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5899
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUI4U1lMQjMk%2FQYhf5Y%2BDpQAYjRSD129fo0wsnEM9z1Q3NbHO0v2mzjVjSuPtWwcTxsmJ%2BC8h3mEqankmg5Kl6DrOosWVI9OtmNM0%2Bw3qw2PdtcG0lfh1hY8I%2FiWNYIZfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
81078ba30830368b-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a6fdcca2c798f4c7a89a90a7cb30385af534d3f7ce1b0b638688308e0d0cf5cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:00 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.11122171040578444&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:20:59 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Tue, 03 Oct 2023 19:21:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age
1210404
edge-cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
209
expiration
expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://footballitarin.com/video_page.php?id=127686
content-length
7746
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000088-IAD, cache-iad-kiad7000084-IAD, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 24 Aug 2023 01:18:11 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1344,oheight=896,obytes=2183212
x-timer
S1696360860.399367,VS0,VE3
etag
"d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 13, 1
9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c576fdfe5a6c400ea517402141cf357eb3c0b9ec3bec05a0a2ac8e0d1993ca1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 03 Oct 2023 19:21:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
age
1848838
edge-cache-tag
565218022308872277084972768976654244803,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
565218022308872277084972768976654244803,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
421
req-referer
https://doggotv.com/
content-length
7238
x-request-id
1b63605707e81085a819b3bdbcb722a0
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100041-IAD, cache-iad-kcgs7200152-IAD, cache-lax10632-LGB, cache-iad-kiad7000027-IAD, cache-fra-eddf8230085-FRA
last-modified
Sun, 27 Aug 2023 18:42:41 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1440,oheight=1080,obytes=396228
x-timer
S1696360861.793517,VS0,VE1
etag
"61a2263875f5f97c4f2474c0edbfe0ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 9, 1
a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8122128001fb61ba3e2db9a2c8b47e30d857145dc7017157e6f8c20d3fe928

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 03 Oct 2023 19:21:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age
1672759
edge-cache-tag
603464470960477801790457014709346231010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
603464470960477801790457014709346231010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
126
expiration
expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.koreadaily.com/
content-length
9056
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200134-IAD, cache-iad-kjyo7100065-IAD, cache-iad-kiad7000077-IAD, cache-fra-eddf8230085-FRA
last-modified
Mon, 28 Aug 2023 11:11:25 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1000,oheight=600,obytes=1177283
x-timer
S1696360861.988919,VS0,VE2
etag
"849008b74f984a8816fbe7bfbaf6a874"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 392, 1
impress
ad.vidverto.io/delivery/ 		52 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&referrer=&async=1&uid=7484047722&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c339c7b754a91a679a77bf0d2166a9f63bdf0fa62874afbf3ecc4113a898ee00

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 03 Oct 2023 19:20:58 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
truncated
/ Frame 336B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
732b417ceaf8860cd41ee343c5bb32c67eaf665a7356477ff74d81161d869c15

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 336B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhpgwqgrc7dzDc83OO2O4tRmc8JrHaEUDqTzkYEK3mU9nXipjMoq0ZLQDKL4pTnqRElt7W8MWAYXJ-lhkitFfH7c_ApV9uGZXc8xMZcVSFEllF-D-DbDhnxODdI7f6e6fPSZlfP-CMyw9fsP20ka2msaJs-Dl8DQFZbHgVkHkMc4CM3cdJEjksnxVOJHTnenwasrY2jjcgx83wpAaN4U6IHrSnbILtEZw8RlvwdQAkU-j3ONdeBud4a0LiaGjlh7RDaSavL69E8_3fKdbjX0y5OdVtmpVPfa0J8k39i3DUYsavNqmxdmWkyuDmN59R4LVQt6fl&sai=AMfl-YR8MAq3-mFHIuKW0AO8UHoPTBF5vK9FCiwU5eHRK7avgH7T8axYNQipPi0-oxTVBAqmIXNxvsWidOKNt8tgqAMy47bVjRtK9HhL0ka8H_rmCyYw434cfB_ogsKNpcig6PF7DCPsZ-u7Vhc3oE0&sig=Cg0ArKJSzLXPbMbeCgC3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 03 Oct 2023 19:21:00 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-192.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 Oct 2023 19:20:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvY2hhLXNhbi16aG9uZy1hbi1qaW4tZGFuZy16aG9uZy15YW5nLWNoYW8tamktbHUtYmVpLWppYW4teWluZy1ndW8tbWluLWRhbmctemhpLXFpbmctZXItcWlhbi13YW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvY2hhLXNhbi16aG9uZy1hbi1qaW4tZGFuZy16aG9uZy15YW5nLWNoYW8tamktbHUtYmVpLWppYW4teWluZy1ndW8tbWluLWRhbmctemhpLXFpbmctZXItcWlhbi13YW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 02 Oct 2024 19:20:59 GMT
date
Tue, 03 Oct 2023 19:20:52 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 03 Oct 2023 19:20:58 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
17598
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1696360859.841761,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
6
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
9308
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:58 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
1971
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1696360859.920015,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
8
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
15068
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Tue, 03 Oct 2023 19:20:58 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
7149
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1696360859.919949,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
41
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
10306
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=-48&tvi50=12238&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Tue, 03 Oct 2023 19:20:59 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64028
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1696360859.103663,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
onetag-sys.com/usync/ Frame 4D39 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
ed82a994c5ecab06cee589d027b97ee49c0e7dc79234afb742433a69813eba9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1439
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125651
x-xss-protection
0
expires
Tue, 03 Oct 2023 19:21:01 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 03 Oct 2023 20:20:59 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 03 Oct 2023 20:20:59 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=f923843e82ffefd5e27bf434aa4bee22
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
30d4b5c37756882cba7485ed2fb9aa7584706169e009301a994501fe42d79759

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-160d1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 03 Oct 2023 20:20:59 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 03 Oct 2023 20:20:59 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		284 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 11:42:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fefd1c-47038"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 03 Oct 2023 20:20:59 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D4cce4a08-7398-48dd-8b11-2764ddfd7d1f%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&p_id=23
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&p_id=23
date
Tue, 03 Oct 2023 19:21:01 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=0880f86d-8537-4015-9abc-b23c27dc500b&p_id=15
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=0880f86d-8537-4015-9abc-b23c27dc500b&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=0880f86d-8537-4015-9abc-b23c27dc500b&p_id=15
date
Tue, 03 Oct 2023 19:21:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Tue, 10 Oct 2023 19:20:59 GMT
/
pips.taboola.com/ 		4 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230047-FRA
date
Tue, 03 Oct 2023 19:20:59 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		269 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1058cdfa38c45f034e6a9672f95620fe705d6e5587d4573626ad01ff252038a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91577
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 19:20:59 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-192.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 Oct 2023 19:20:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
st
imprammp.taboola.com/ Frame F3E6 		422 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&cmcv=&pix=undefined&cb=1696360859729&uv=3344&tms=1696360859729&abt=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9187ec73-96db-436a-a1fc-76231cc08939&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
37bdaa64522184e5645d484dafe560e36977daf6956bf66c38540bed7d5b9654

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 19:20:59 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230085-FRA
x-timer
S1696360860.758405,VS0,VE171
sync
am-match.taboola.com/ Frame A9E5 		577 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c9373b0f25e4d2a564d4c9b945e0f371e2ab64a858ee7dc025a16c332012c687

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 19:21:01 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696360859738&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1558&pt=1133109161&tz=120&viewable=true&ddast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 03 Oct 2023 19:20:59 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1413
x-cache
MISS
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1696360860.767888,VS0,VE165
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&cmcv=&pix=31589837&cb=1696360859729&uv=3344&tms=1696360859729&abt=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696360844684.8!ts:1696360859729&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-length
0
server
nginx
img
sync.mathtag.com/sync/ Frame 4D39 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:01 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 03 Oct 2023 19:21:00 GMT
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=211986550558328471
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=211986550558328471
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:00 GMT
an-x-request-uuid
9cda8e32-7f5b-4b4a-b591-cee0d045385a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=211986550558328471
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696360861783029-417
Expires
Tue, 03 Oct 2023 19:21:01 GMT
tap.php
pixel.rubiconproject.com/ Frame 4D39 		42 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4D39
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivb8iaTTOH40RMadRvE3VzNNVfm1ss9uYw
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivb8iaTTOH40RMadRvE3VzNNVfm1ss9uYw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivb8iaTTOH40RMadRvE3VzNNVfm1ss9uYw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=5294539708228200926
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=5294539708228200926
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=5294539708228200926
date
Tue, 03 Oct 2023 19:21:01 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 4D39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 4D39
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=oj5_VhVi-XzeCR5LsEfQdcsgbaF4u1iKjRyVZg0A7ig
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=oj5_VhVi-XzeCR5LsEfQdcsgbaF4u1iKjRyVZg0A7ig
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7RC1G3NGMR7K11WFFR5V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=oj5_VhVi-XzeCR5LsEfQdcsgbaF4u1iKjRyVZg0A7ig
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVEN0Y2NTEtQzRDQS00NEJCLUFCNjEtNzkxQ0YwOUFCQkJF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
date
Tue, 03 Oct 2023 19:21:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPoWnfhjnuVlXm5o5h9vOKA&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPoWnfhjnuVlXm5o5h9vOKA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPoWnfhjnuVlXm5o5h9vOKA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
date
Tue, 03 Oct 2023 19:21:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 4D39 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 4D39
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685629981899883&expires=30&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 03 Oct 2023 19:21:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame 4D39
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs&p_id=5
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs&p_id=5
date
Tue, 03 Oct 2023 19:21:02 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9jaGEtc2FuLXpob25nLWFuLWppbi1kYW5nLXpob25nLXlhbmctY2hhby1qaS1sdS1iZWktamlhbi15aW5nLWd1by1taW4tZGFuZy16aGktcWluZy1lci1xaWFuLXdhbmcuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWQ1MmRlOWFmLWVjODItNDU4My05MzJmLTZmYmE3MWVjMDcxMyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJjNTI4Yzk5NS0zNDJkLTQ4MzEtYmViNC04ZWM0NTc4Yzc3ZGQiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk2MzYwODU3NjA4LCJiaWRzIjpbeyJjcG0iOjAuMDIyNjQ0MDAwMDAwMDAwMDA0LCJhZElkIjoiNzU2NTI0ZWFhZjExN2MzIiwib3JpZ2luYWxDcG0iOjAuMDI2NjQwMDAwMDAwMDAwMDA0LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjI2NDQwMDAwMDAwMDAwMDUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjIzMzgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2MzYwODU5OTY4fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFkbGl2ZXRlY2giLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc1NjUyNGVhYWYxMTdjMyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMjI2NDQwMDAwMDAwMDAwMDV9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImM1MjhjOTk1LTM0MmQtNDgzMS1iZWI0LThlYzQ1NzhjNzdkZCIsInRpbWVPZkF1Y3Rpb24iOjE2OTYzNjA4NTc2MDgsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfV0sImNvdW50cnkiOiJDSCJ9&c_b=15438
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=470035721814119&correlator=3610990354977738&eid=44714449&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&arp=1&abxe=1&dt=1696360860137&lmt=1696353660&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsknrkjY30IxwvaPYs3QCqZbU5HUu41jMHdWDPITPyQ9&ga_vid=1308101982.1696360855&ga_sid=1696360856&ga_hid=10720756&ga_fc=true&dlt=1696360848121&idt=8133&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26refresh27Split%3Drefresh_experiment_pv%26ap_refresh_type%3DAV_1%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_e&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8d5714293bda6fed03b6141d6fb1d04998b25ce09c1d165c0f5fa40055377ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12651
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=470035721814119&correlator=3610990354977738&eid=44714449&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&arp=1&abxe=1&dt=1696360860141&lmt=1696353660&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsknrkjY30IxwvaPYs3QCqZbU5HUu41jMHdWDPITPyQ9&ga_vid=1308101982.1696360855&ga_sid=1696360856&ga_hid=10720756&ga_fc=true&dlt=1696360848121&idt=8133&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_12_0%26cluster_reporting%3Dchrome_DESKTOP_12_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D756524eaaf117c3%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_e&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ed0ac09235c90fabd110607c8a353ed24add03252f7ea170357b52b0c0bcad35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12403
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:21:02 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3a20&_p=10720756&cid=1308101982.1696360855&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696360860&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=%E6%9F%A5%E4%B8%89%E4%B8%AD%E6%A1%88%E9%80%B2%E9%BB%A8%E4%B8%AD%E5%A4%AE%E6%8A%84%E7%B4%80%E9%8C%84%EF%BC%9F%E3%80%80%E5%8C%97%E6%AA%A2%EF%BC%9A%E6%87%89%E5%9C%8B%E6%B0%91%E9%BB%A8%E4%B9%8B%E8%AB%8B%E8%80%8C%E5%89%8D%E5%BE%80%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 19:21:02 GMT
cache-control
no-store
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9AC3 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
efff5d9a4d65b13c68341b970fb6800a45634d8fbbd9246280153f9791fbd9c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7892
x-xss-protection
0
server
cafe
etag
6160272649409335344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:02 GMT
generic
match.adsrvr.org/track/cmf/ Frame F3E6 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&cmcv=&pix=undefined&cb=1696360859729&uv=3344&tms=1696360859729&abt=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9187ec73-96db-436a-a1fc-76231cc08939&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17
pr-bh.ybp.yahoo.com/sync/taboola/ Frame F3E6 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&cmcv=&pix=undefined&cb=1696360859729&uv=3344&tms=1696360859729&abt=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9187ec73-96db-436a-a1fc-76231cc08939&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.254.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-254-204.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame F3E6 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&cmcv=&pix=undefined&cb=1696360859729&uv=3344&tms=1696360859729&abt=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9187ec73-96db-436a-a1fc-76231cc08939&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.69.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-69-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_4_4/infra/ 		882 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_4/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
997ed3312525b858b8e31651116282e7cdafa96a7223e8313f688771c8f57bc5

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696237983
date
Tue, 03 Oct 2023 19:21:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Q9BPQYP0K78F4QWA
age
122744
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696237984
x-amz-meta-mode
33188
content-length
147487
x-amz-id-2
ONqAKcvqyUsvKnJ/l9hyP8REyxMLghbWPHeXhwlPnZA0qiUsUjr6/ZFg9fWPI52rvPAqJmvPVMQ=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Mon, 02 Oct 2023 09:13:05 GMT
server
AmazonS3-br
x-timer
S1696360861.198502,VS0,VE0
etag
"557da0f0c470c79b3be19bdbafad6e9a"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
4405
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_4/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696238000
date
Tue, 03 Oct 2023 19:21:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Q9BTJPT47P3MK9AN
age
122744
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696238001
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
uDCvlqV56YpijosDeoBdHjWEkOIg0pgcRICYuUmWIG4HclHl87yELC6Es32/bVFX16uEd72yoyo=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 02 Oct 2023 09:13:22 GMT
server
AmazonS3-br
x-timer
S1696360861.192155,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
71680
container.html
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E58 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:20:57 GMT
expires
Wed, 02 Oct 2024 19:20:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame FDCB 		714 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
9178
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
81078bb8abcc368b-FRA
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 19:21:01 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um5WkFKYi8YeTTKC4hRd3ZMDJxHoNvJxX8rrL4y6YlkhzzqaE461j5LiEk5WyhI1VQNT16NRc3p12ngx5zI6rAFgzq8plOlJDK%2BkZwRBJSJT6NdN1DH%2FXK5Qz4OPOgbEtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2DE9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 19:21:03 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Oct 2023 19:21:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
0
0
container.html
5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 814E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:20:57 GMT
expires
Wed, 02 Oct 2024 19:20:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1515468
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1696360862.023757,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
10714
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/ 		465 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696237416
date
Tue, 03 Oct 2023 19:21:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2EK0MFKQJ582WGF5
age
123377
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696237429
x-amz-meta-mode
33188
content-length
89004
x-amz-id-2
uWnSXRPNxYC47yYqArglm/Yl1WFzirwr1h4h6dCkk/tO4FFf9RUbOHfsYVNsTCpw+wNcNXoFYxA=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Mon, 02 Oct 2023 09:03:50 GMT
server
AmazonS3-br
x-timer
S1696360862.083554,VS0,VE0
etag
"585652628115b4409d6c93eb98f8e63c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
87514
sync
am-match.taboola.com/ Frame 9042 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
37bdaa64522184e5645d484dafe560e36977daf6956bf66c38540bed7d5b9654

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 03 Oct 2023 19:21:02 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&cmcv=&pix=31579697&cb=1696360862037&uv=3344&tms=1696360862037&su=3&abt=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-length
0
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FDCB 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
237e69271ebcde605907b6671298abdbd000827e613ea11113c74e9db3856a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29312
x-xss-protection
0
server
cafe
etag
957 / 19633 / m202309280101 / config-hash: 18346230598739657090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:02 GMT
generic
match.adsrvr.org/track/cmf/ Frame A9E5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame A9E5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32637

Redirect headers

date
Tue, 03 Oct 2023 19:21:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
content-length
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 03 Oct 2023 19:21:02 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1178796
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1696360862.149612,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
39826
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1081 		478 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjlxojGATAB&v=APEucNVHv9bfjIB8Ul3Z4S4_-ckpBtq8JhFgpe7lOP9RZVyaG4CAZt0gI2IzMChBCGTrkQO6svb9Rvva0cS_UufS7kns7UAniQ
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:21:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4E58 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E58 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_2IOo9T3ibs1bOofouqa-Cpo2MaYqj2U_CGk5MVgVJondqSY6LoJ6ne1T3E_5IrXNitlezoLM9piS1pOwXd8gzYmX53bmXY7wH324oPPXScR3AGk
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E58 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7970372024465318405&x=1&ct=77
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 4E58 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:21:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 4E58 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:21:24 GMT
l
www.google.com/ads/measurement/ Frame 4E58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeUKf1O0CwSDSs6NFR-ZRCy68aaeY_BoSY8a2x4_GWMwyH7CuPykDs4-fFLChr2a4R7b82FI4pa9z_U1G5S35rZ5KUkw
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E58 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 16BC 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNVmh9jYVdSNFq3_xCM0bjWvPkFc7RfXVDy7OvL92uALQCv9kpcNteUkmTRBkUDHt4acKLp_lMmp42db67oMOpWIFoT0VA
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:21:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 814E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 814E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzOGxL8dVIYoHZAHVNgnYLdR5GXzbsPO-WjZFLp0bm7JlQHkYOrRlmYpOQF0cSCaa1lc4Wpc9K4imG45cafxRccozGZmROThHGN8f4fTdo3I-BSYM
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 814E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9941374833555605627&x=1&ct=77
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 814E 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 814E 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787112&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7-f6LGIEdq24u-aOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY_IE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT_elr9-nZ015IIsLRN6k8Y1GPSxyRp2_GX-S4dGz9_EzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcB&ae=1&gclid=EAIaIQobChMInND-08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD_BwE&num=1&cid=CAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE&sig=AOD64_3tRItVVSnMFpFj4w_Yo55Th-sF3w&client=ca-pub-8933329999391104&dbm_c=AKAmf-DezW3ZBiKnEfCHu-kkq4KPK3eQMe0BYO_p935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt_aOStThBaoPcndhScJxFj6xeFVwsEw_xvfyErV0pWW9q6TrDMy4y8Q1xw_m_IlReOCRumd4fbIbM9vk1152YLM_olMJNnhaFfKzkgIY&cry=1&dbm_d=AKAmf-Dvz6-GSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr-uRkSc4BzhOD3XSslMtqv_eForZMvDqo67uNtIWno8gHaoaIqgAW_lo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW_zSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq_hKw01STs5Q1PXLO2rObsxhQfPkh_y-MNp_K0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV_nmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n-IpothTGjdYDoS_ICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ-rYnujYoiuobixZdp2B_aA7QDYkA9taJJlsERcuXD3tf-aHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA-JqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2_Y-JWb64BFS_SbXKt9AxN88ondq90G9b-s31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0&adurl=
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c7e0a3b980b338730e6d6eabb3de75678f1584de02de120d2f8bd92a8f2f04a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Tue, 03 Oct 2023 21:21:03 +0200
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 814E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:21:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 814E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:21:24 GMT
l
www.google.com/ads/measurement/ Frame 814E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_vevCHsN3kC0B_L7NgWrbYMYd3sBf7vV-FXpoZBdCv6BlB0kE3zSHU56PBdfI53BrXFrMBwnViLK3ndZNHuNE9LjFkw
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 814E 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:02 GMT
usync.html
eus.rubiconproject.com/ Frame A19F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 19:21:03 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:55:26 GMT
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
lGuNDPMCfjJR9aynDeZIiJt_JnKgkN4oIwQCoiP0dECHgcA_ml-9eQ==
prebid-request
onetag-sys.com/ 		15 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9AC3 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
d8b482d21ecd1a58eae9fcb1e255e3ee415a5da5821a219fc5c4f014e923d717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50645
x-xss-protection
0
server
cafe
etag
18124320794624982203
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:02 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9042 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9042
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/fcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36817

Redirect headers

date
Tue, 03 Oct 2023 19:21:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-8y7LuOBE2oTKoijev7hhAH57a12s10WG0b7Gzg--~A
content-length
0
sync
x.bidswitch.net/ Frame 9042 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.69.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-69-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:21:04 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ Frame FDCB 		413 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:13:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
11246
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 16:13:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E58 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2399680597954&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E58 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2399680597954&version=m202309260101&ct=77&x=1&cor=7970372024465319000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
ad.doubleclick.net/dbm/ Frame 4E58 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-B291cTzF8pB99W0uC3Jr3BiFga9ZygN0FZE9UoSr-JCIjf1dGehcQTUVdW2uhEpg3fpJRfrPWbJhqYpX-ABKsXEhqP0xw2nd-WwOVXD9JqKipr7_bAs1TmrE5HPwZb14yA3mpODRdkmfBn2EOW8qRDgzRcbUaqKWVo8SetqjaGxWwM2ok&cry=1&dbm_d=AKAmf-DnAPR5U4Qyr2woQ86m4hcTga7prhBUzL_GGi7oj91rmuSAyLY96Y2_KnSx_038EJ6KYzn3uH9z6I8POCpZiofcgUTXmwU6jlxeZSaCW2jEovGaPj0YB0P27HqrhOnFMQP1WXTHKANX7fKG-8aNIMAwz-OI2-lwqjdA3FQNS0Kqp835qrd1Aq3khZ2RaqmsC3rlzQa1TWubJHrYw9q4MxONzr__G4xQQt5Qnj1u799JpfREpCE3-eujDDPF-ssBqEv9W-T3i8es_4WS5PVYmX5XdrSGappOm10I_tBfeD1_9NPZbiuSVzhg4_Bpz5-aoMBEyIDCpEKVeMPN_pbf-BwldA4NfwnjvvtddW6TVVjk3cv2-4iqcT9ARe9-jOZ-C5acDuxs3e6FkMppvqgyIYhTgj1oW4-ECr0EV5CyzjSkdWNR-eO5vTjYoLuXuKDp7NHo9RYCSxe8ds_P2WMQobRiOuOZoQJl7vbQPqKWcgQGz-HBT2t4m-FH2XbEVMyiD3shKF-KMWdmAbCtvYLDT6lBb52Nihl7s5I4BDBg0eI1Hlvnrw-GH6XQF2GN2K64ttZCOVlST9jOi1JbURrTEIrMkdkrPIlosSsgcurrjOuq_o6EyLN-3_k32Jn8NB4DzQWlY7oxO6cLVdmxtNBqPMRbPbkp-08LP6Y5WaYKO-Lix2x2aHFBJv5zSmfDmKmp7wOLTMgRut2KKqBSjyFwIHLo_K7Ingnq2Hhx5NTR1IPlaZX-fs5R-uJHf7aw-aCgYNQ3xobcI6HWhrExchB_R_kFCTXTb2_Wu82DIIAVX9yG0TUztAmhbzZ1InEUYKQ-gFuDmpWBVhbwDZgLbsW8ktw9Y89S95plVe2cIjm1hOpS4Q8vEuFaBL99FOaBuo__jNqoiOkbhzBjEism48xC-A_D2OJt8XKgdAsOl8WU-XKDEur-pwK6XINYKzY275FJ1O8s-22YGziz8j6iHvRRmQwDVIqFTrTKUWeXvLCqa3Jo5iTn54fb5JqZrwiNTYCv9X_l7Z3rBORiXHLjOInwnyxa1oOFW0IZ7hcrgISpyQuBvHw5FfExtS_7qHpG-Sjl3nIeS-v6__a2ZTeNL10i2_kbpipkowEE8in9MlV-LLptUzm1u0R0Dvp2kw6Ay906NwZU_58iPCqzjjUOTVSyu7vMS3i2J6COpIS9u6ziLA32cFp7r33UUyK1UPd4k2aA0NEbGi0H9X2Rb_u57s8GNXa3P33lhA4huq1lmr45ti07o38L1vqcc8da7poAjVtW9zD79tyIwccbWJ7peLD4aNvB98XuvyIWbVZGS42MoTfSg21aVZtcXd33C7OL1HV68kwGhWkkWthudvw_nDnmhMQZrwZ8vCFPEeV-Oi-71QTmvz7h-Ecgvhlip2vpO2KBhLanwsdpnAWmwTgSy7-YZehb4FT5VUVX7hOpyWwm7DVnkbuFBSzKlgk5XJ2haHEcRpHpYAfWleg3sLf_WIWSkoNES4_Ca5Eh_cfOLU1S0MSAM_bu8Q-EzEnQXQUJcLb6T8t4ynnAtiDK0bJF0VTTwvXUolhnAiAbVkRHUjy2z4uowQt89efmCFMRUf4Z6b2QPSFnvXURCLxOvhDbSCi0wyey9JSridosHYFBajrSKEmcQGbD9xkZVGyvhQB5tuTLB_e6DQyzqWc00m7dOYNXeuYmu-DS7ITPBoeMVpT_KLyRUdbuPaHCuXjwxBB2voxVfWYM9QvwxUwRnBC12Qeahvv9wuQYNJWmXkAMSF49hY7BgRO_R0hQg0XtxJHuIvaSYAC1oCs011xpPVkXNJPt6rfDV8K_298wZ02JEsidTp527BSV02Se8GzvbzZy4LDPbPODTR8St4zLoFqral3VOaMuuctzmFB2zsQHySB14JiiMkCIMPclyr3uxpC90ujqpRi-TIOvAX47XMma9oeQxpw-bdoRsMTVSEFVsjEnJ93oCX7MTS4FlEw0ITX-5yPEB_ZM6GYQIdO8AAsi2gsDll_QRCZVeohxuzkURslQC5kVjijUDMUJWbnv9YUgBX0YSs0W4bjGY4X3OnnWMuc6HDxE4PZKtK61cezlIuOnIxMYUQujVeMqrKuCUwpwcPenPiHdhn9TGOzvS-A_t1Is8WLXngfSrmDqjIe4h1TdtkJ_yS6a_JdU-vetmR0c0JIbEoHpGvdjDYLdZNkG8svwgg7xKKpcExgSTzyONo66vEF-McV5xnQA57Oeyvsz1ahex-728_KHg_NdBDHYwX7djH26A659IK5nyW44oXzjkRjKlLZfIrkNygnfsAI1DQHVvVdEPLGKk3JmzbzExy6DKzz_q1DXSRLG-mJeI3ptRORHI9u_Q9Ay_k-8-zmSbzqu04d1DCey8FPJvVkuRimdOn0yopUwTq0IcKljlgu8dPTuauozV_dR1SGUiUDlzvhK2hZb3fapvSkZpVUqFD40pStKxfYs31kHHlNqDPqhLJdy6Lo9OoDuM_g_M-8oS301CeWxYGr26kk2HgeQwtpymtXt0bzKrWEVxwbZMe69ASvy0O0JsbRH4oBKeE6MT-W87QsTr4MHvLz3cNNbq3aMJZedQTilxO7HUlCKR7WvOrasrLRv0o0pYXwAfeUZ1S4n2sFiZaTkWLFBVGriMGalDPZt8EMeaQCrIkkz8H3dbFKSDpFqj6Y9SdvBcPD0JBB5nwyjlAaaxjwaY-Qap7M_T7dYYynNNTztsS32pAnwy_HGx4WenQzDNT8sJhbVHtNpKjXwCzmCv6JjfnfNVDTigCTCHKYad-X0EGoCDA4PlSP1VwIqC8JMuFlWVmsXzhv9n4Zx-qTeeag9Va4pLTpGqoD-VwW_yhYed6kQASuC93qJ6WfkcUGQTSdI1tvj1YR6w6CjpTn5w8TNUGZ28R3zkCniTDbR2Ui5C0-vR7fCDHA2qwA7EE99GPoOAzrxYRbes5DFeAlcR2Wg4_vi5ZT37Ej9Y6icaFDh4Pby1myLkvVec0Q9bZ7KJSm5jG27SWoIuZszDE7WPM8Gg1559NhT_5dr51SuUdBnuNPNlDY51TI5IAzcFbnTek_C9a_LXwcitszF_gJ2BNOkRXWxQ4t1rCc4R_Rb7TVrIearPNHF4zeqMV2w-lZeUUfWHRP6JwX4juzARoX7LB7neApoOAk5Cq9CfVWzciZS8uhhkMbihQQ0TvsALczrMbIDApEaCzbZ00OLYevWIDvwWJOZru7Z4ZOOpcOfBgR9G2EFRAZeuCZyT6IRVnNETGrHVbFsz6ENA7FYQMt_A37ld_prFuEDvZcr7crsAH881ElYHaR-CiMQM2-JP-Or-29f006jAbmvF0tRQJOgyOgA4f62P-BWv8nNsx-vykGzeBN4xqTlRs-MoSIbf1jVFRlkCaMh5nCKWNoJgUjZD-AqG783dEF9Lv-3zdK6s2w7zho-OgIbMBcWF1M2eiv_0-gTbM0Ca4BI1K98ZXUVFsd-GjIBaGTItgWlY0oQcLhwzZEBbNSN1VQz14dvw8YmSXq46HZ7uVZT8-GyB3amHr7ZDbISwOSO9ZnQkVFp3Nb3LaIbdxGKS_6jy0cqGRAZ15WTY4p3sFwonj5v9_1bJ9mQwkvx-2pKLWoWGBTj4zeeDfh2nkLCL0nMJgKlcQC0mh5uaHGvc1qJdUIBWWjdPNosuzJ_KwTks7TzxCvKorQcDVZ-OHRQjUfRBM8J-zvQqAqP48sItusyD9OUmeSbJiaDBD7W_oDc7sY1Y7NbScnGEssj5aQrkDAn8flemBNpln8ZfkVjkWRAdg5s05ua1FwHTGhA8ScSBtQji3whK1QFCqmLPbZIAW4ejgHOkGJEredVlBLypooViDiBc3ZZnWZ0DnuAp6BbClfpSW4fzqLCJKGMC6syfDtfVW8wLxw_QuUKIvrr2_SZdllNrsVxvcg7IqFXLgYWFBYNaHnB5VxG-10_iUbiT_3_tuwjL43eskDpIrOGb4G2VAWNLU6rBZjZ1SkTw0YidUcqXn4OEIrOi6X0VmT4vtcmJSXbo_P4p1gqp9SybaCt3B_yTXBhnMjsdQCanPAOetXbGI7aNh54V6La_Fp81-CNyG4Sfa17_1Q3KP3oc5be11lMtrZg1X4bi-CUDrBmOZrvVx20j2mlw66riVzYYxCJjevA8Slxct_B1ZkAE3wtTDSrmdk_xR7IthY1IgnHyWFckh808x_BJ4_Du_Kb2-4iCNGZi-U&cid=CAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=7970372024465319000&adk=2086295851&idt=768&cac=0&dtd=59
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
d48c574dc29243068a8ec6fe360c38a99db9f0b3857337837349fc285a204853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696360863014&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1558&pt=-522233600&tz=120&viewable=true&ddast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1466
x-cache
MISS
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1696360863.041564,VS0,VE39
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 814E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6816572210231&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 814E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6816572210231&version=m202309260101&ct=77&x=1&cor=9941374833555606000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 814E 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR3b7KVXXpfz2PjtGjjAr2DCvOfhp-ALiK6ZuvkQQSaff0FSk7Sn2ZihqAWrVwLqibrUIsIwaxCmnApBNS_jFVimJh299qUye2GS6NybPqSuaSWCnZF8QQ_9H0Wy_BtVkiJGz8SkrFtuprofY9XZIqTYBx8qLeH_axeV2m3Pwwium1dho&cry=1&dbm_d=AKAmf-BcKGBX_OfuXPrA1S9Vltbm0YETAnAE5F7YPc3Rk8Ecs_3xTYkApUqMdr_L2dKXfmN_tEsgMrLTqP7CxDxqtL1QXbGDPvQKs72LCoHe9RB-YTbAbDKvQz_T1mlsB3z5qRZyBn0gyxPVpfFVAqQDTnN_HSbbmRtm8mTpuMqMwDuLIx3DgDVUNSoZJb0NepmIgf8LGD1caNO78GHOZ9MWao8497EPmv8k36tRtOyeO5MPCBZGzigcewFnAiLnayYJMKaBMFgKOyvwnFaIKc1FCuSEmRkWwahss4ItUEMdO43J9x3-MGqwXmSna3sPdj1Mih2uzgYtPffugVCfl44tQJjnjkg0yVbRH8LZFzwoU3oSrdyqxz8WnarvNouQdG4ei5N3gQ9r1oWTjlDXf-4U9CNAZI8IAmofa_-wpvGLz8e0qrQli-NmW4TdrBQXlkYw4I18_xFb7hA9Swm8f5PWOcW0urgTEDm7u56KqRLhshI6IVCuaLXuCRCUr5kIDaOmpptZFprpi076Wy55xnDDHeD5339arQegcuXdOQzS6iWp79B6hdLeegogZLELSogrpugnB27hAYQHjuGj8W6R1JVkRJ3ZgAsiEQqLQ6Ik0-FKBGL9pVhSU-m8YU_NFw8vBP-Bttf1tQ1E9w4Qydr5RzpgMNrtQgIteHLa-b0mF8hDXY-WuMKCZXrkhE8z2xkCcCAfOPTQHWZ6xeOiMCD7gJIxL7iwxh_3oAb1t7rfcnihJammtV0m91tK1t3_Ehl-a4SZouwT_ZC6qujDa8wxDD_o2XkUMrtZLpv1L4hCUsQLGjvFcODmIh9H4eEvy4_2iINQHKNeBwuSB4PCKfcTx8SJS9jqEmfzcUJ_aRrnKRQa3bVO4b8Fo846Y8c0W0we8knfqFG1JkNSb2ezpr6gA6oXQt7C8tK-vEPt289cyl6xHPQ3fVVCVW7icyMv9zNy4SdWMG1qqnVhA90boHSvcsWUsQeOuCn04P6gzj1ITes1w9ozx39GuDQdN91Fod8Nq4ZOvq1Sk6Cr8DNDPXdmpOJBNPgVoLLGvtGOYZwEEAHaphDxVj6nE2vRBmnQ7GVvEJeoyiamd8EI1Vpv46hBILE7wwSuuZjueHy9ZJrWuajsXSWjcxf6Pwmn4rO0-HxofzDwrtxFPeCUGaqGMEG-OFtLW0Tg_cH0YlxGHh63sih1J6P7g_r4u8eQY9UTtEfvacB6t2hsF1SLvkG_c8Ked4lDE6PIYVQL1Wb3LhJ7kJaW2FBca8N_2lUcTKoGbAqiWekJLAH3ATIKwmp0bqZnRHLXLdRS-Wyt5B1d-g59qJUfaUIGdcmNmuEZfKOjUo9LldNcxKD7W2dFe-bXvGZQi3Ixl-8An6Z64Ch8b4jNrHhpvXkFIXpU94kSLIfLKV4OEUlldlNj5QsoOCJPhtOplr6CR2O5Uq0qJocEdxYgoOUIIhRFjuQc8OwX0oBImcQKYiVZSBKHtLGhUaqSsT-f3ei9liEkqY9WudHeuzydUAPQnmNexXkwZiDv6vUmHW1vqidEOb4YG1VO9AJtX-tnBVOk4FvnqT0lXsYbFAb2_bbITLI1LHigWsWxYFEvHgxhAhY7u5MLGo3tb-6JNDBxuwnF6gA6Ojkd5764UQfWOs4xWF6H6BpKTIsbKrl2GK0uCVAZtscWKdTB0lFibad00KBlYlTAMUqK6pP8Njahkw0qHEViNDi6VVRYzgIIEw0HCj79jOGeUeJ7ReuaYQ8nHjyZtcMGsNSJ77xRyOHL3kMNs8pfOrDDupdwk6ipz6wqp7zhvN0D3LAD5uJf93EHJQ9PbiEPH2odE_yO8ZU51urMV2ybDt1NffxwbGXClAA2KUlkygWFIBYY3Rm58Jfp-tmXWsROtX4keZPdFi5Ka7qKyHqgY5R3kepVh5xbNlnli0ZRKsZiHv1tJPxGXxtY1K099CikhiskpSMWa4LitN8mINfeShXYL_weudjL5uebtmyQlJcZ3UCC5STkOkuyv44hSadFcKvePVWND4Zdis3xF2brd00zATgGWWsy4F53v66yQUScTnJ3r-kLATtu4i_FNoinhFWBMdgPmYlEbRoxy9xzKnx_2wFZSP4FGFirpdXS42HwiJCFyhF5kmZN7F5te5AbxV0sX1C0I7_KHVOR6QqjxJXXtEZGN3pGf7pyin4gJH8qtacrc_SLx-xsrGr1H17PHWfQJNTNWny82A5n_CWOvXgZj7XWc3afgsoBuur0zKJKPuoG5ghAwcWSflp_v252miMRljOMA64OuliT4SNyqrN2HX8IGr4MevGu3piJfmYXvhxYqFhegEOIb28S_nHxtHllOg5zpzwXdmKiOtFTZpV7SzC2C_yaLJeYMxF5mIvZvVH3Cofl-Q_uz9DDMs8SG5Bb1CJmbF8RCtggiihq-VLAOMKKJdu_kiunnr0hYBH5jfPz91uv9VltJ0nGatoNJrJ8-R5u4scsRLoNXFWkiC6k-MVX6GtJRgjroTHEsQOneaZuxRsQ97hbxYRou1MCh6RM_6jCJbd3N79P34gigcv1dBDuQWUWyNi82yGJ6d4SSHJ_pPwh9sxMSBIoaej3VvSwwY5fiRUjOhEpuBJAqi7Qrq-IpzMUKPdLrkAAGyB1XWCUNYWsQqIxT5F_T7WPUXCOPqZFKJrmxDllNXt9Z4cHCdX-pGBcIxQMRTQ6GXpIX7tka8-W9Fwdg-Gr3VLhv_l4WOYHkGmyeO5GAmIj-52dx9oeSiUlXkuTzix4Zru8mhlRGgqYoXnB8-BpmCjgrSBWBPnJax0EomFuHOJYUxr00rrHlTvxv1LrLiBFH7T14Z1nlj5nGQN1yXAJubG9x_inT8dRRQ26yQdsBQqIh119ZBSp61uR_qNxj1g5gp63o4Qa3Xz71TBcd_940ylR4tr_GyeIZ-tBzsG2ODh5pk3GRe7pVMwznnEj-f_2yp1IC4iqHLlguSWHg8cIho4V4y64cKNFPVS97FzLXfGgyAAy2N7Nz966LhD2RB_Lafu-32OHGxej2g4ArKnVPykYKVHFKIpg0rSweUwh4-sJeaclwiRKq-Wg-CwPEM_4_ElftfoF1INzETfk1E5QwT9z8qbWczw3TwJqaBwCQ1NuKLZGq02A6GORTaaAqmZHDxp8sDWAKO_sjpeyFsNmCioFG8DFLB7yOzvusMlLWfK8lSl6qEoDz38ykhkYI7JH7wJKdG_FnfaugOJgRef-5GBd51EnVhku6XJL2BWTOrUNYIjC3vf4iemA-JjHjAqDYj2YXjwlX-fJClnwAB199bkINdLDpohVgoaUki0jelw5KKoF6Upggi-B4STOzwXXJb2hpgyHQ36FmeleSUjuydOVfz0Wh5K_XtNRHSCWjOuge7s9VGbW0dYFo9cBncMsAALevpIfWmP6RCcxKIVuhZ-1jdAxBIvtyZXcxVHGzE88b696TnSMMvjwhRe8JvXx4iCM1kJYBHQOZqgzvg20pa79AbQ6Ryawz0Wf-eGVhdGoM66BQ8YPaaondAcUE60JvQ-kEIk707B9dfdoWEAmQe1VD-pt_2VBtrdnUo1ORSfLoly4FgFTZQKzGMpqQkeKELKMyzPwy02IHnLtaG0chlp1gr9itJXn46-B6ZwCw9MkwzRTtbjp5BvSoPAm3090mebVYHSSY1UhBAJvvZVQmLKwP6WuCP42FvYw7YjkHLinnnIkH-wUgFKPViBNJUbmfH8Vxb79eVgWy4GPvCgauvMd9cR-dczdNbVyguozP0vXF3xsV1HfMOU1xJnwVyVZoD_uEhcj186gEzPWQl0yvvm7AYVbW2xGnOmrmK1Ex3VuY1YPuklIe0T9mVZ_bPgJeBS8qflLLmsCTQgOBzmiXTmyM0QPZcAOSBTXCvX4eemMFxp3MQCkz4NnhKyWIlJAvcl0fqHD7hyojbWa2KP13P07StsmlAv8LIa2uTUBgMzEyRkau4FPR3YItaDwRMFW82SsO8gnTQ8wRYaugdE8Flc8QA&cid=CAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=9941374833555606000&adk=3690638929&idt=899&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8a9fe35d355082e3c38d444947801b589d5760e717a1d359fbb24670e28c2d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18221
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 03 Oct 2023 20:21:03 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame F80A 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
504549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:11:54 GMT
expires
Thu, 26 Sep 2024 23:11:54 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 19:21:04 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame ACDF 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Oct 2023 20:12:40 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=PzzvcV9SkElNN9WxD1A7J6NoVAD0EKb%2FfmhuP4fx3KN9OiDGWvaZ7LJJ9RcOcQal2MBVVdx%2BpjzXR7ZUYczsuZoYYD6IIaXsUw7KZmLyP51ci2K4%2FyAyk1ef4riStqYL4fr%2BMFdwNAvZColfLuJXISf6dyoX0IZsaxMbfkhQZnXHNaUP4R7444UdOW0DVNnkAPCsw6JKWK0%2FqcBJtFjyIw2lw5nLbXILup6rG5u8K9wioumw17iTIuf5wG1YWrZfnEi%2F79UNDe%2FaG1kKC7vlhD3q6hstCRDmF5%2BuSVOeU39kpSeBE8ojqVsE0qF0nWN5hvioiv3QH9QCW2DVNMCqos%2BebBPkasnffpqCYBxmycCJ3%2BOFIS9yyImqhnJILA3ZzuGq5gC0VP4h6ncb1JM3ERbZgTKzNnOBDvX%2F8U%2FrHYIhHSJRZnvURh%2F5HS1uwomFBkJcsVbQEZZYRNTEnAJf2L8VooPbL7XEJwc%2Brk8r%2BrIAjQrKX41px6m%2FFQ0awcPwTpOIfAglK2%2F4hfAv56ncNy6ksU2C2UrvADpvIAQxD%2Fc%2FtSeHI11eAI7dapc55JaY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/ 		96 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 03 Oct 2023 19:21:04 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/ Frame 9AC3 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
646c1db586ec5302d76714a1235e998d8308747ef942a982a5934119727d8051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131628
x-xss-protection
0
server
cafe
etag
6629058534243218986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:21:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/ Frame 931C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
44749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 06:55:14 GMT
etag
2603938475786422795
expires
Tue, 17 Oct 2023 06:55:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 03 Oct 2023 19:21:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
176169
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8a12888a5ea59ab84d2ecfed50bcf657b3e794512577eecede2549c22b4cbbef

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 02 Nov 2023 19:21:03 GMT
usync.html
eus.rubiconproject.com/ Frame B0D5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 19:21:03 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 6222 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81078bc32d419b45-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:03 GMT
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 209F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 03 Oct 2023 19:21:02 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
ixmatch.html
js-sec.indexww.com/um/ Frame 4764 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1062
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81078bcadef23cb3-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:04 GMT
expires
Tue, 03 Oct 2023 23:21:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 29A5 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=166876
content-encoding
gzip
content-length
8491
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:04 GMT
expires
Thu, 05 Oct 2023 17:42:20 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 403B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-211.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 03 Oct 2023 19:21:04 GMT
ETag
"623de86a-cf34"
Expires
Wed, 04 Oct 2023 19:21:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
sync.html
public.servenobid.com/ Frame D865 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
32378
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 10:21:27 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-id
cjvCXOIrVUwxGc-MnmQxBpbKIvPrihL4NW8iNXeJf3NitogSSS-PTQ==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 334A 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 03 Oct 2023 19:21:04 GMT
/
onetag-sys.com/usync/ Frame 5AC2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696360858728
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
151db682b64cb51ed4b8e6e584291a7c70f7a89bdab24460c3120f9349b81438
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1327
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pd
adpushup-d.openx.net/w/1.0/ Frame E41A
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
353de71f11f6a7d87156600447bf39c4bddfb8d06a54dc7d571bf1a8ec8fb168

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
414
content-type
text/html
date
Tue, 03 Oct 2023 19:21:04 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Oct 2023 19:21:04 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/ Frame FDCB 		498 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044665408255078&correlator=1285906451093641&eid=31076480&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696360863419&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=rf05ul4j7ngp&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPzr4I1tgWP0jQ2sfTAKi9OjiiM5afBanUI8MRvZoke5JaI2VAsMxIFQFulPaeCyr7G70VYSY0bAQRg-rxig_O9dd6KH0rHT0YCZjclAt-dectzf93o8xLoMBbQUnoAFQxUPe4juC48DpLH3yb9FAu-mJaY_Nzt7y9t7UTOhhe4B4LnO1v_sbB5rrOj6weevqi_g6HU1yWhXHNL&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1959460279.1696360863&ga_sid=1696360863&ga_hid=604866189&ga_fc=false&dlt=1696360862109&idt=1241&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
fe2004aa26a471ad88799b7218e09ceb9e6e7055f1f57665ce6d745a4ff7a476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FDCB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
8e337e2b962a6b9840479779dcf7b28aebc586f5e1943a2f77d3a6d69897e4cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12094
x-xss-protection
0
container.html
8bba9bc6dbc9cbafd4e27a23ef8230e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 518A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8bba9bc6dbc9cbafd4e27a23ef8230e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:21:03 GMT
expires
Wed, 02 Oct 2024 19:21:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 23:29:49 GMT
x-content-type-options
nosniff
age
330675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 23:29:49 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 04:05:52 GMT
x-content-type-options
nosniff
age
314112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 04:05:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
480_650.mp4
cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/ 		40 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 03 Oct 2023 19:21:04 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
usync.js
eus.rubiconproject.com/ Frame A19F 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35426
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:11:30 GMT
img
sync.mathtag.com/sync/ Frame 5AC2 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:04 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x11 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 03 Oct 2023 19:21:03 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5AC2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5AC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
an-x-request-uuid
90f6f0ae-6700-4558-aa99-976b2a4feb11
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5AC2 		42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=oj5_VhVi-XzeCR5LsEfQdcsgbaF4u1iKjRyVZg0A7ig
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 5AC2 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 5AC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 5AC2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9Q1C2XFR82H80QP895T9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 5AC2 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:03 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 5AC2 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 5AC2 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 5AC2 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696360858728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.69.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-69-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
TdZ8YGU4JWu2CTZQ39MBliAIlgB%2F0s3obSowOxtJE%2B6hl722z1CIJIL9ijsVyW9fs%2BhPGZDpEEo9lv1CmWF0ousTMoayELkHbjjEc%2BmTRoJ3rJX1%2BtN2eN%2FUqkA7hX5Lz%2FcTWoLqpY54BUa90byZymgfcTBiqJtfgWqSqilnCxowpya%2B5PQA%...
ad.vidverto.io/delivery/video/pod/ Frame F80A 		46 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/TdZ8YGU4JWu2CTZQ39MBliAIlgB%2F0s3obSowOxtJE%2B6hl722z1CIJIL9ijsVyW9fs%2BhPGZDpEEo9lv1CmWF0ousTMoayELkHbjjEc%2BmTRoJ3rJX1%2BtN2eN%2FUqkA7hX5Lz%2FcTWoLqpY54BUa90byZymgfcTBiqJtfgWqSqilnCxowpya%2B5PQA%2BpPY%2BF6dpAt4wm7hkFv2TkdfDdTr6HcuvW2yfpU%2Fhi59oD4CHIO3NdjE8WuWHoPUoq%2FcRN8tnsVvsQBSpfEtFU2jT5JsYoBbhweakIfe1U%2FT3NArny8tLykG1Fg4QqGycSWQMjCze3KoOoREcMXZrDugyJtF9gT2m%2BpixMI2NPO1pVB1JiYOVU%2BKGUohPzPjBCskoiJKdLeeO%2F7bJ%2Bnzp9%2BVZmmPZxnqMIzVUp4YH7REylMTOO4Bp85tEEPqm157L%2BT4mPu%2B2J6tZR4U42XRRzYjgFdrSWc4h7cnjZTQDekd3gB0CYcjqqUtTmb2KSebn1CC7dTWNXg8sq9huiOdfehsbaYV9Sd797xoMG4f65EB6bzOAiT7dZCnM6MlyPpym8o6qBCE2qe%2FjpUMYxyh0VNTJfOOULNBQDx8sO8a9Q0reo4Q70tYcTH8sOz7Rpy0XA2YTHHjqiqdCzc5hW9IHLobNsO6iZEfmX4Nl%2F4ellC%2FRdyybUzWjUHd5TjDs63tj78hMfbVHmogrRZJbMPjnOo5UvOoyFXvI9SOYawOQOkNOCbmEB7QM%2FZkVn3w4vvNekqKDS5gVS4y?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5efd16652ba0ef0f99cdd689e7940c344a1ae01adec46d4323ff983d6936855c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Tue, 03 Oct 2023 19:21:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 6222 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
528714
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
81078bca3dbf9b45-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame 2DE9 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35426
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:11:30 GMT
usync.js
eus.rubiconproject.com/ Frame B0D5 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35426
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:11:30 GMT
pixel
cm.g.doubleclick.net/ Frame 16BC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNVmh9jYVdSNFq3_xCM0bjWvPkFc7RfXVDy7OvL92uALQCv9kpcNteUkmTRBkUDHt4acKLp_lMmp42db67oMOpWIFoT0VA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 16BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&C=1
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNVmh9jYVdSNFq3_xCM0bjWvPkFc7RfXVDy7OvL92uALQCv9kpcNteUkmTRBkUDHt4acKLp_lMmp42db67oMOpWIFoT0VA
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5uLRO%2BXhh5dKTFCcCe%2BcQ0SoHHBUAK4%2FcP01m2Zvmu9VcPVGtd%2Bx3GBKGwT5LvcgybXZZ5FaY4TxyOvPr1CcZrnnTAKsyh3dVM%2FM8GIkGDlKBbJ%2F%2BGMBM1e%2F4OklMPwR%2FWTDSh786n3zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078bf8aee60211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLtONN6Mwvvjl18RjsVk54amrA3D2ip4CBTPsD5LhMnnBs9Gl%2B%2BYMzOsCkvmyJJAqlfiiONv3RyLV%2BEX%2BQifQ7s9qL4b7rwPtmZG5O%2BTO14PvZk5SUuQ2TvaSY2sAcxGEqenqmYUKqyQKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&C=1
cache-control
no-cache
cf-ray
81078bccc87d0211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 16BC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRxpoEP4uUSs6wmDKxJjygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNVmh9jYVdSNFq3_xCM0bjWvPkFc7RfXVDy7OvL92uALQCv9kpcNteUkmTRBkUDHt4acKLp_lMmp42db67oMOpWIFoT0VA
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bgv4ciGYGFcwqvBNgS%2BI3AkPdqToylVFUYCsSHpPHDQuZJchKujM5N%2B%2BXhKMsa%2BPj5kzLPcKwQp6vUy%2BwSSUCGgim6aITSTvrDOB8cIrGF451LNAbjGML9%2FdjVb4NqZbMrVJv6k9sld5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c0218953c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1081 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjlxojGATAB&v=APEucNVHv9bfjIB8Ul3Z4S4_-ckpBtq8JhFgpe7lOP9RZVyaG4CAZt0gI2IzMChBCGTrkQO6svb9Rvva0cS_UufS7kns7UAniQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1081
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjlxojGATAB&v=APEucNVHv9bfjIB8Ul3Z4S4_-ckpBtq8JhFgpe7lOP9RZVyaG4CAZt0gI2IzMChBCGTrkQO6svb9Rvva0cS_UufS7kns7UAniQ
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UX4rOAzj0HHMA3bmV7dam6MjUkgVeJM3Z3d8qo%2FJ9y0PLpggbEEgtXS%2Fm%2BX05DQ6s8f1BH%2F8HbBrVRL0f6aA0UYVBonOkM14T6Cpn%2BUdHFYEEek8PJFRlyQEH7g2yXGmTq7OvE9vS%2F8%2BNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078bf90fa20211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1081
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRxpoKMB29AF2oKKN-v8hQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjlxojGATAB&v=APEucNVHv9bfjIB8Ul3Z4S4_-ckpBtq8JhFgpe7lOP9RZVyaG4CAZt0gI2IzMChBCGTrkQO6svb9Rvva0cS_UufS7kns7UAniQ
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECGDuyJ%2BjUBMGmnoEG%2BzgYY1OoRfQZt0Z7l1ZaCEhSw%2FUWDsiRVnYb1AXlyImK74lx%2FhMVq2BJznpYr0wmGoE9OugYaD1khVer2Y22YAFJqY6%2F8mEDuMriCFZdoz%2BdOCDYq9Kc%2Fc8nAnog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078bff6b9f3c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F80A 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnapgjn7&c=6480063276513&slotId=3240031638256.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.43.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bkk03s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 814E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR3b7KVXXpfz2PjtGjjAr2DCvOfhp-ALiK6ZuvkQQSaff0FSk7Sn2ZihqAWrVwLqibrUIsIwaxCmnApBNS_jFVimJh299qUye2GS6NybPqSuaSWCnZF8QQ_9H0Wy_BtVkiJGz8SkrFtuprofY9XZIqTYBx8qLeH_axeV2m3Pwwium1dho&cry=1&dbm_d=AKAmf-BcKGBX_OfuXPrA1S9Vltbm0YETAnAE5F7YPc3Rk8Ecs_3xTYkApUqMdr_L2dKXfmN_tEsgMrLTqP7CxDxqtL1QXbGDPvQKs72LCoHe9RB-YTbAbDKvQz_T1mlsB3z5qRZyBn0gyxPVpfFVAqQDTnN_HSbbmRtm8mTpuMqMwDuLIx3DgDVUNSoZJb0NepmIgf8LGD1caNO78GHOZ9MWao8497EPmv8k36tRtOyeO5MPCBZGzigcewFnAiLnayYJMKaBMFgKOyvwnFaIKc1FCuSEmRkWwahss4ItUEMdO43J9x3-MGqwXmSna3sPdj1Mih2uzgYtPffugVCfl44tQJjnjkg0yVbRH8LZFzwoU3oSrdyqxz8WnarvNouQdG4ei5N3gQ9r1oWTjlDXf-4U9CNAZI8IAmofa_-wpvGLz8e0qrQli-NmW4TdrBQXlkYw4I18_xFb7hA9Swm8f5PWOcW0urgTEDm7u56KqRLhshI6IVCuaLXuCRCUr5kIDaOmpptZFprpi076Wy55xnDDHeD5339arQegcuXdOQzS6iWp79B6hdLeegogZLELSogrpugnB27hAYQHjuGj8W6R1JVkRJ3ZgAsiEQqLQ6Ik0-FKBGL9pVhSU-m8YU_NFw8vBP-Bttf1tQ1E9w4Qydr5RzpgMNrtQgIteHLa-b0mF8hDXY-WuMKCZXrkhE8z2xkCcCAfOPTQHWZ6xeOiMCD7gJIxL7iwxh_3oAb1t7rfcnihJammtV0m91tK1t3_Ehl-a4SZouwT_ZC6qujDa8wxDD_o2XkUMrtZLpv1L4hCUsQLGjvFcODmIh9H4eEvy4_2iINQHKNeBwuSB4PCKfcTx8SJS9jqEmfzcUJ_aRrnKRQa3bVO4b8Fo846Y8c0W0we8knfqFG1JkNSb2ezpr6gA6oXQt7C8tK-vEPt289cyl6xHPQ3fVVCVW7icyMv9zNy4SdWMG1qqnVhA90boHSvcsWUsQeOuCn04P6gzj1ITes1w9ozx39GuDQdN91Fod8Nq4ZOvq1Sk6Cr8DNDPXdmpOJBNPgVoLLGvtGOYZwEEAHaphDxVj6nE2vRBmnQ7GVvEJeoyiamd8EI1Vpv46hBILE7wwSuuZjueHy9ZJrWuajsXSWjcxf6Pwmn4rO0-HxofzDwrtxFPeCUGaqGMEG-OFtLW0Tg_cH0YlxGHh63sih1J6P7g_r4u8eQY9UTtEfvacB6t2hsF1SLvkG_c8Ked4lDE6PIYVQL1Wb3LhJ7kJaW2FBca8N_2lUcTKoGbAqiWekJLAH3ATIKwmp0bqZnRHLXLdRS-Wyt5B1d-g59qJUfaUIGdcmNmuEZfKOjUo9LldNcxKD7W2dFe-bXvGZQi3Ixl-8An6Z64Ch8b4jNrHhpvXkFIXpU94kSLIfLKV4OEUlldlNj5QsoOCJPhtOplr6CR2O5Uq0qJocEdxYgoOUIIhRFjuQc8OwX0oBImcQKYiVZSBKHtLGhUaqSsT-f3ei9liEkqY9WudHeuzydUAPQnmNexXkwZiDv6vUmHW1vqidEOb4YG1VO9AJtX-tnBVOk4FvnqT0lXsYbFAb2_bbITLI1LHigWsWxYFEvHgxhAhY7u5MLGo3tb-6JNDBxuwnF6gA6Ojkd5764UQfWOs4xWF6H6BpKTIsbKrl2GK0uCVAZtscWKdTB0lFibad00KBlYlTAMUqK6pP8Njahkw0qHEViNDi6VVRYzgIIEw0HCj79jOGeUeJ7ReuaYQ8nHjyZtcMGsNSJ77xRyOHL3kMNs8pfOrDDupdwk6ipz6wqp7zhvN0D3LAD5uJf93EHJQ9PbiEPH2odE_yO8ZU51urMV2ybDt1NffxwbGXClAA2KUlkygWFIBYY3Rm58Jfp-tmXWsROtX4keZPdFi5Ka7qKyHqgY5R3kepVh5xbNlnli0ZRKsZiHv1tJPxGXxtY1K099CikhiskpSMWa4LitN8mINfeShXYL_weudjL5uebtmyQlJcZ3UCC5STkOkuyv44hSadFcKvePVWND4Zdis3xF2brd00zATgGWWsy4F53v66yQUScTnJ3r-kLATtu4i_FNoinhFWBMdgPmYlEbRoxy9xzKnx_2wFZSP4FGFirpdXS42HwiJCFyhF5kmZN7F5te5AbxV0sX1C0I7_KHVOR6QqjxJXXtEZGN3pGf7pyin4gJH8qtacrc_SLx-xsrGr1H17PHWfQJNTNWny82A5n_CWOvXgZj7XWc3afgsoBuur0zKJKPuoG5ghAwcWSflp_v252miMRljOMA64OuliT4SNyqrN2HX8IGr4MevGu3piJfmYXvhxYqFhegEOIb28S_nHxtHllOg5zpzwXdmKiOtFTZpV7SzC2C_yaLJeYMxF5mIvZvVH3Cofl-Q_uz9DDMs8SG5Bb1CJmbF8RCtggiihq-VLAOMKKJdu_kiunnr0hYBH5jfPz91uv9VltJ0nGatoNJrJ8-R5u4scsRLoNXFWkiC6k-MVX6GtJRgjroTHEsQOneaZuxRsQ97hbxYRou1MCh6RM_6jCJbd3N79P34gigcv1dBDuQWUWyNi82yGJ6d4SSHJ_pPwh9sxMSBIoaej3VvSwwY5fiRUjOhEpuBJAqi7Qrq-IpzMUKPdLrkAAGyB1XWCUNYWsQqIxT5F_T7WPUXCOPqZFKJrmxDllNXt9Z4cHCdX-pGBcIxQMRTQ6GXpIX7tka8-W9Fwdg-Gr3VLhv_l4WOYHkGmyeO5GAmIj-52dx9oeSiUlXkuTzix4Zru8mhlRGgqYoXnB8-BpmCjgrSBWBPnJax0EomFuHOJYUxr00rrHlTvxv1LrLiBFH7T14Z1nlj5nGQN1yXAJubG9x_inT8dRRQ26yQdsBQqIh119ZBSp61uR_qNxj1g5gp63o4Qa3Xz71TBcd_940ylR4tr_GyeIZ-tBzsG2ODh5pk3GRe7pVMwznnEj-f_2yp1IC4iqHLlguSWHg8cIho4V4y64cKNFPVS97FzLXfGgyAAy2N7Nz966LhD2RB_Lafu-32OHGxej2g4ArKnVPykYKVHFKIpg0rSweUwh4-sJeaclwiRKq-Wg-CwPEM_4_ElftfoF1INzETfk1E5QwT9z8qbWczw3TwJqaBwCQ1NuKLZGq02A6GORTaaAqmZHDxp8sDWAKO_sjpeyFsNmCioFG8DFLB7yOzvusMlLWfK8lSl6qEoDz38ykhkYI7JH7wJKdG_FnfaugOJgRef-5GBd51EnVhku6XJL2BWTOrUNYIjC3vf4iemA-JjHjAqDYj2YXjwlX-fJClnwAB199bkINdLDpohVgoaUki0jelw5KKoF6Upggi-B4STOzwXXJb2hpgyHQ36FmeleSUjuydOVfz0Wh5K_XtNRHSCWjOuge7s9VGbW0dYFo9cBncMsAALevpIfWmP6RCcxKIVuhZ-1jdAxBIvtyZXcxVHGzE88b696TnSMMvjwhRe8JvXx4iCM1kJYBHQOZqgzvg20pa79AbQ6Ryawz0Wf-eGVhdGoM66BQ8YPaaondAcUE60JvQ-kEIk707B9dfdoWEAmQe1VD-pt_2VBtrdnUo1ORSfLoly4FgFTZQKzGMpqQkeKELKMyzPwy02IHnLtaG0chlp1gr9itJXn46-B6ZwCw9MkwzRTtbjp5BvSoPAm3090mebVYHSSY1UhBAJvvZVQmLKwP6WuCP42FvYw7YjkHLinnnIkH-wUgFKPViBNJUbmfH8Vxb79eVgWy4GPvCgauvMd9cR-dczdNbVyguozP0vXF3xsV1HfMOU1xJnwVyVZoD_uEhcj186gEzPWQl0yvvm7AYVbW2xGnOmrmK1Ex3VuY1YPuklIe0T9mVZ_bPgJeBS8qflLLmsCTQgOBzmiXTmyM0QPZcAOSBTXCvX4eemMFxp3MQCkz4NnhKyWIlJAvcl0fqHD7hyojbWa2KP13P07StsmlAv8LIa2uTUBgMzEyRkau4FPR3YItaDwRMFW82SsO8gnTQ8wRYaugdE8Flc8QA&cid=CAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=9941374833555606000&adk=3690638929&idt=899&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
464857ce2cd39f577e1aee4380de452b3032f2746c94be5b8d71508e0733ca40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:13:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
83251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11583
x-xss-protection
0
server
cafe
etag
13692823745828058245
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 20:13:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 814E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR3b7KVXXpfz2PjtGjjAr2DCvOfhp-ALiK6ZuvkQQSaff0FSk7Sn2ZihqAWrVwLqibrUIsIwaxCmnApBNS_jFVimJh299qUye2GS6NybPqSuaSWCnZF8QQ_9H0Wy_BtVkiJGz8SkrFtuprofY9XZIqTYBx8qLeH_axeV2m3Pwwium1dho&cry=1&dbm_d=AKAmf-BcKGBX_OfuXPrA1S9Vltbm0YETAnAE5F7YPc3Rk8Ecs_3xTYkApUqMdr_L2dKXfmN_tEsgMrLTqP7CxDxqtL1QXbGDPvQKs72LCoHe9RB-YTbAbDKvQz_T1mlsB3z5qRZyBn0gyxPVpfFVAqQDTnN_HSbbmRtm8mTpuMqMwDuLIx3DgDVUNSoZJb0NepmIgf8LGD1caNO78GHOZ9MWao8497EPmv8k36tRtOyeO5MPCBZGzigcewFnAiLnayYJMKaBMFgKOyvwnFaIKc1FCuSEmRkWwahss4ItUEMdO43J9x3-MGqwXmSna3sPdj1Mih2uzgYtPffugVCfl44tQJjnjkg0yVbRH8LZFzwoU3oSrdyqxz8WnarvNouQdG4ei5N3gQ9r1oWTjlDXf-4U9CNAZI8IAmofa_-wpvGLz8e0qrQli-NmW4TdrBQXlkYw4I18_xFb7hA9Swm8f5PWOcW0urgTEDm7u56KqRLhshI6IVCuaLXuCRCUr5kIDaOmpptZFprpi076Wy55xnDDHeD5339arQegcuXdOQzS6iWp79B6hdLeegogZLELSogrpugnB27hAYQHjuGj8W6R1JVkRJ3ZgAsiEQqLQ6Ik0-FKBGL9pVhSU-m8YU_NFw8vBP-Bttf1tQ1E9w4Qydr5RzpgMNrtQgIteHLa-b0mF8hDXY-WuMKCZXrkhE8z2xkCcCAfOPTQHWZ6xeOiMCD7gJIxL7iwxh_3oAb1t7rfcnihJammtV0m91tK1t3_Ehl-a4SZouwT_ZC6qujDa8wxDD_o2XkUMrtZLpv1L4hCUsQLGjvFcODmIh9H4eEvy4_2iINQHKNeBwuSB4PCKfcTx8SJS9jqEmfzcUJ_aRrnKRQa3bVO4b8Fo846Y8c0W0we8knfqFG1JkNSb2ezpr6gA6oXQt7C8tK-vEPt289cyl6xHPQ3fVVCVW7icyMv9zNy4SdWMG1qqnVhA90boHSvcsWUsQeOuCn04P6gzj1ITes1w9ozx39GuDQdN91Fod8Nq4ZOvq1Sk6Cr8DNDPXdmpOJBNPgVoLLGvtGOYZwEEAHaphDxVj6nE2vRBmnQ7GVvEJeoyiamd8EI1Vpv46hBILE7wwSuuZjueHy9ZJrWuajsXSWjcxf6Pwmn4rO0-HxofzDwrtxFPeCUGaqGMEG-OFtLW0Tg_cH0YlxGHh63sih1J6P7g_r4u8eQY9UTtEfvacB6t2hsF1SLvkG_c8Ked4lDE6PIYVQL1Wb3LhJ7kJaW2FBca8N_2lUcTKoGbAqiWekJLAH3ATIKwmp0bqZnRHLXLdRS-Wyt5B1d-g59qJUfaUIGdcmNmuEZfKOjUo9LldNcxKD7W2dFe-bXvGZQi3Ixl-8An6Z64Ch8b4jNrHhpvXkFIXpU94kSLIfLKV4OEUlldlNj5QsoOCJPhtOplr6CR2O5Uq0qJocEdxYgoOUIIhRFjuQc8OwX0oBImcQKYiVZSBKHtLGhUaqSsT-f3ei9liEkqY9WudHeuzydUAPQnmNexXkwZiDv6vUmHW1vqidEOb4YG1VO9AJtX-tnBVOk4FvnqT0lXsYbFAb2_bbITLI1LHigWsWxYFEvHgxhAhY7u5MLGo3tb-6JNDBxuwnF6gA6Ojkd5764UQfWOs4xWF6H6BpKTIsbKrl2GK0uCVAZtscWKdTB0lFibad00KBlYlTAMUqK6pP8Njahkw0qHEViNDi6VVRYzgIIEw0HCj79jOGeUeJ7ReuaYQ8nHjyZtcMGsNSJ77xRyOHL3kMNs8pfOrDDupdwk6ipz6wqp7zhvN0D3LAD5uJf93EHJQ9PbiEPH2odE_yO8ZU51urMV2ybDt1NffxwbGXClAA2KUlkygWFIBYY3Rm58Jfp-tmXWsROtX4keZPdFi5Ka7qKyHqgY5R3kepVh5xbNlnli0ZRKsZiHv1tJPxGXxtY1K099CikhiskpSMWa4LitN8mINfeShXYL_weudjL5uebtmyQlJcZ3UCC5STkOkuyv44hSadFcKvePVWND4Zdis3xF2brd00zATgGWWsy4F53v66yQUScTnJ3r-kLATtu4i_FNoinhFWBMdgPmYlEbRoxy9xzKnx_2wFZSP4FGFirpdXS42HwiJCFyhF5kmZN7F5te5AbxV0sX1C0I7_KHVOR6QqjxJXXtEZGN3pGf7pyin4gJH8qtacrc_SLx-xsrGr1H17PHWfQJNTNWny82A5n_CWOvXgZj7XWc3afgsoBuur0zKJKPuoG5ghAwcWSflp_v252miMRljOMA64OuliT4SNyqrN2HX8IGr4MevGu3piJfmYXvhxYqFhegEOIb28S_nHxtHllOg5zpzwXdmKiOtFTZpV7SzC2C_yaLJeYMxF5mIvZvVH3Cofl-Q_uz9DDMs8SG5Bb1CJmbF8RCtggiihq-VLAOMKKJdu_kiunnr0hYBH5jfPz91uv9VltJ0nGatoNJrJ8-R5u4scsRLoNXFWkiC6k-MVX6GtJRgjroTHEsQOneaZuxRsQ97hbxYRou1MCh6RM_6jCJbd3N79P34gigcv1dBDuQWUWyNi82yGJ6d4SSHJ_pPwh9sxMSBIoaej3VvSwwY5fiRUjOhEpuBJAqi7Qrq-IpzMUKPdLrkAAGyB1XWCUNYWsQqIxT5F_T7WPUXCOPqZFKJrmxDllNXt9Z4cHCdX-pGBcIxQMRTQ6GXpIX7tka8-W9Fwdg-Gr3VLhv_l4WOYHkGmyeO5GAmIj-52dx9oeSiUlXkuTzix4Zru8mhlRGgqYoXnB8-BpmCjgrSBWBPnJax0EomFuHOJYUxr00rrHlTvxv1LrLiBFH7T14Z1nlj5nGQN1yXAJubG9x_inT8dRRQ26yQdsBQqIh119ZBSp61uR_qNxj1g5gp63o4Qa3Xz71TBcd_940ylR4tr_GyeIZ-tBzsG2ODh5pk3GRe7pVMwznnEj-f_2yp1IC4iqHLlguSWHg8cIho4V4y64cKNFPVS97FzLXfGgyAAy2N7Nz966LhD2RB_Lafu-32OHGxej2g4ArKnVPykYKVHFKIpg0rSweUwh4-sJeaclwiRKq-Wg-CwPEM_4_ElftfoF1INzETfk1E5QwT9z8qbWczw3TwJqaBwCQ1NuKLZGq02A6GORTaaAqmZHDxp8sDWAKO_sjpeyFsNmCioFG8DFLB7yOzvusMlLWfK8lSl6qEoDz38ykhkYI7JH7wJKdG_FnfaugOJgRef-5GBd51EnVhku6XJL2BWTOrUNYIjC3vf4iemA-JjHjAqDYj2YXjwlX-fJClnwAB199bkINdLDpohVgoaUki0jelw5KKoF6Upggi-B4STOzwXXJb2hpgyHQ36FmeleSUjuydOVfz0Wh5K_XtNRHSCWjOuge7s9VGbW0dYFo9cBncMsAALevpIfWmP6RCcxKIVuhZ-1jdAxBIvtyZXcxVHGzE88b696TnSMMvjwhRe8JvXx4iCM1kJYBHQOZqgzvg20pa79AbQ6Ryawz0Wf-eGVhdGoM66BQ8YPaaondAcUE60JvQ-kEIk707B9dfdoWEAmQe1VD-pt_2VBtrdnUo1ORSfLoly4FgFTZQKzGMpqQkeKELKMyzPwy02IHnLtaG0chlp1gr9itJXn46-B6ZwCw9MkwzRTtbjp5BvSoPAm3090mebVYHSSY1UhBAJvvZVQmLKwP6WuCP42FvYw7YjkHLinnnIkH-wUgFKPViBNJUbmfH8Vxb79eVgWy4GPvCgauvMd9cR-dczdNbVyguozP0vXF3xsV1HfMOU1xJnwVyVZoD_uEhcj186gEzPWQl0yvvm7AYVbW2xGnOmrmK1Ex3VuY1YPuklIe0T9mVZ_bPgJeBS8qflLLmsCTQgOBzmiXTmyM0QPZcAOSBTXCvX4eemMFxp3MQCkz4NnhKyWIlJAvcl0fqHD7hyojbWa2KP13P07StsmlAv8LIa2uTUBgMzEyRkau4FPR3YItaDwRMFW82SsO8gnTQ8wRYaugdE8Flc8QA&cid=CAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=9941374833555606000&adk=3690638929&idt=899&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
390160
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
pixel;r=674002134;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html;uh=e51ed67dfb8d91dc...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=674002134;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-852023121-1696360862137;pbc=7ba4b61c-f39a-4f73-bc21-2653678d182b;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696360864532;tzo=-120;ogl=;ses=d0580efa-d9f6-4604-af60-ee95222d8565;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 814E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787112&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1892594270&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3D&gclid=EAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787112&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7-f6LGIEdq24u-aOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY_IE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT_elr9-nZ015IIsLRN6k8Y1GPSxyRp2_GX-S4dGz9_EzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcB&ae=1&gclid=EAIaIQobChMInND-08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD_BwE&num=1&cid=CAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE&sig=AOD64_3tRItVVSnMFpFj4w_Yo55Th-sF3w&client=ca-pub-8933329999391104&dbm_c=AKAmf-DezW3ZBiKnEfCHu-kkq4KPK3eQMe0BYO_p935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt_aOStThBaoPcndhScJxFj6xeFVwsEw_xvfyErV0pWW9q6TrDMy4y8Q1xw_m_IlReOCRumd4fbIbM9vk1152YLM_olMJNnhaFfKzkgIY&cry=1&dbm_d=AKAmf-Dvz6-GSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr-uRkSc4BzhOD3XSslMtqv_eForZMvDqo67uNtIWno8gHaoaIqgAW_lo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW_zSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq_hKw01STs5Q1PXLO2rObsxhQfPkh_y-MNp_K0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV_nmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n-IpothTGjdYDoS_ICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ-rYnujYoiuobixZdp2B_aA7QDYkA9taJJlsERcuXD3tf-aHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA-JqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2_Y-JWb64BFS_SbXKt9AxN88ondq90G9b-s31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
7179b64155224ab8ebca1889b7dba5568820590e618688284e1f7f1a4f6f9331

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 21:21:04 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9AC3 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ea16061429cde45361e786c65181ab917f47c5ade80db568e301d8c76b7543ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame F308
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16963...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.26.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-26-40.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-length
459
content-type
text/html
date
Tue, 03 Oct 2023 19:21:14 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
x-amz-cf-id
tbDaJ3VEIQ8fKiAppCKQ-vplYfGae8dVGDs2niEhtjeJtmjeYTgImg==
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
RefreshHit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:21:05 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame F80A 		0
0
/
adx3.adform.net/adx/ Frame F80A 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame F80A 		0
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame F80A 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame F80A 		0
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame F80A 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame F80A 		0
0
13926
g2.gumgum.com/usync/ Frame 8D32 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.115.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
24495617e32afc7cb4049c257ffd29b48c5fcf90af5601236244f9bacd7683dd

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 03 Oct 2023 19:21:12 GMT
etag
W/"0f9eaba5388a32882307ec8601a1dd966"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 226C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
46f282b7ed89d64e32f1490b024b7531f5241a5c1ae8807345df5f1abc6f6fe2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1138
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 95BB 		762 B
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
416d3d07baec7b1539530c1a67b516ddebdafdbe6aa1260e563046563b932689

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
762
content-type
text/html
date
Tue, 03 Oct 2023 19:21:12 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8812
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743648ea1eacdf2a554bdc2f1cdd079818ba16009b190bb1627e3df736bce3f9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81078bfbbc0e0211-ZRH
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 19:21:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiIzHoxwFbiow95bfwa0WVon4D7l3dv9XvOkF2MBkKum4O8%2FByfg8Z1nJZy3UFd4a7PA%2ByjhcSp%2Bsgw1VyGzP0RiazMa%2FG6cfWVaakj%2FLvsUOsxTmwk%2BQHYBKSGNT0LR3Jw%2Fu6iKHSQOLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81078bcd190c0211-ZRH
content-length
0
date
Tue, 03 Oct 2023 19:21:04 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SBKJIZw%2BnOtqI1EhgPbhETabFrlBPNfJkg5ZQkghVBcG8VpB7UojBdCr5Xi5Q0%2BKAoHnk9K9gdm9bJPKtaPvzqIwaIB2CRtEgrYsgdjTMfTj0wupkBxImLTMrz8VzYcr5m1hTrSt2BbVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5D2A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 19:21:11 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Oct 2023 19:21:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7EE3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121380
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 03 Oct 2023 19:21:12 GMT
expires
Thu, 05 Oct 2023 05:04:12 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 3E25 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
61ec1170be793b865581458c283f7c56b7b96f23dfc3adf831661b9899b5b3f2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Tue, 03 Oct 2023 19:21:12 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-id
wrZgGydmrP9Wv-JZxyCvqsHddwum1QEsda6siDAi7RFAeLw3Ap1ZvQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
10
user-sync
sync.adkernel.com/ Frame A198 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Tue, 03 Oct 2023 19:21:12 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame F707 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.214.104.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-104-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
c122ff49eeaefb7a538b0a502ec06dfed171e95a80f557426feae6f3429a7d69

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
713
content-type
text/html
date
Tue, 03 Oct 2023 19:21:12 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
sync
ads.servenobid.com/ Frame D865
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=211986550558328471
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=211986550558328471
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
an-x-request-uuid
5cede169-f677-4854-aeef-1fec792cc18a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=211986550558328471
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame D865 		0
0
pixel
ap.lijit.com/ Frame D865 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 19:21:16 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
sync.targeting.unrulymedia.com/csync/ Frame D865
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696360872876
  • https://ad.turn.com/r/cs?pid=45&rndcb=8515859467
  • https://sync.1rx.io/usersync/turn/8917603210396078727?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:16 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sync
ads.servenobid.com/ Frame D865
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5109685629981899883
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5109685629981899883
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5109685629981899883
Date
Tue, 03 Oct 2023 19:21:04 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame D865
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=667fe56d-a50e-4a6f-84d1-93784b211979
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=667fe56d-a50e-4a6f-84d1-93784b211979
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-193
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=667fe56d-a50e-4a6f-84d1-93784b211979
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame D865
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Tue, 03 Oct 2023 19:21:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame D865
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
date
Tue, 03 Oct 2023 19:21:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame D865
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-0fc48e17-89b8-382e-b8ba-b992b8f39d5f&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...
  • https://ssp.disqus.com/match?bidder=31&buyeruid=db344fbb-7dc6-443d-9c2d-42e7a69de0be&r=Cid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-0fc48e17-89b8-382e-b8ba-b992b8f39d5f&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...
0
0
sync
ads.servenobid.com/ Frame D865
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
date
Tue, 03 Oct 2023 19:21:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame D865 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
sync
ads.servenobid.com/ Frame D865
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 03 Oct 2023 19:21:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 03 Oct 2023 19:21:12 GMT
khaos.json
token.rubiconproject.com/ Frame A19F 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
khaos.json
token.rubiconproject.com/ Frame 2DE9 		7 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
khaos.json
token.rubiconproject.com/ Frame B0D5 		7 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame E539 		0
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81078bcd59919b45-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:04 GMT
server
cloudflare
vary
Accept-Encoding
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4E58 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-B291cTzF8pB99W0uC3Jr3BiFga9ZygN0FZE9UoSr-JCIjf1dGehcQTUVdW2uhEpg3fpJRfrPWbJhqYpX-ABKsXEhqP0xw2nd-WwOVXD9JqKipr7_bAs1TmrE5HPwZb14yA3mpODRdkmfBn2EOW8qRDgzRcbUaqKWVo8SetqjaGxWwM2ok&cry=1&dbm_d=AKAmf-DnAPR5U4Qyr2woQ86m4hcTga7prhBUzL_GGi7oj91rmuSAyLY96Y2_KnSx_038EJ6KYzn3uH9z6I8POCpZiofcgUTXmwU6jlxeZSaCW2jEovGaPj0YB0P27HqrhOnFMQP1WXTHKANX7fKG-8aNIMAwz-OI2-lwqjdA3FQNS0Kqp835qrd1Aq3khZ2RaqmsC3rlzQa1TWubJHrYw9q4MxONzr__G4xQQt5Qnj1u799JpfREpCE3-eujDDPF-ssBqEv9W-T3i8es_4WS5PVYmX5XdrSGappOm10I_tBfeD1_9NPZbiuSVzhg4_Bpz5-aoMBEyIDCpEKVeMPN_pbf-BwldA4NfwnjvvtddW6TVVjk3cv2-4iqcT9ARe9-jOZ-C5acDuxs3e6FkMppvqgyIYhTgj1oW4-ECr0EV5CyzjSkdWNR-eO5vTjYoLuXuKDp7NHo9RYCSxe8ds_P2WMQobRiOuOZoQJl7vbQPqKWcgQGz-HBT2t4m-FH2XbEVMyiD3shKF-KMWdmAbCtvYLDT6lBb52Nihl7s5I4BDBg0eI1Hlvnrw-GH6XQF2GN2K64ttZCOVlST9jOi1JbURrTEIrMkdkrPIlosSsgcurrjOuq_o6EyLN-3_k32Jn8NB4DzQWlY7oxO6cLVdmxtNBqPMRbPbkp-08LP6Y5WaYKO-Lix2x2aHFBJv5zSmfDmKmp7wOLTMgRut2KKqBSjyFwIHLo_K7Ingnq2Hhx5NTR1IPlaZX-fs5R-uJHf7aw-aCgYNQ3xobcI6HWhrExchB_R_kFCTXTb2_Wu82DIIAVX9yG0TUztAmhbzZ1InEUYKQ-gFuDmpWBVhbwDZgLbsW8ktw9Y89S95plVe2cIjm1hOpS4Q8vEuFaBL99FOaBuo__jNqoiOkbhzBjEism48xC-A_D2OJt8XKgdAsOl8WU-XKDEur-pwK6XINYKzY275FJ1O8s-22YGziz8j6iHvRRmQwDVIqFTrTKUWeXvLCqa3Jo5iTn54fb5JqZrwiNTYCv9X_l7Z3rBORiXHLjOInwnyxa1oOFW0IZ7hcrgISpyQuBvHw5FfExtS_7qHpG-Sjl3nIeS-v6__a2ZTeNL10i2_kbpipkowEE8in9MlV-LLptUzm1u0R0Dvp2kw6Ay906NwZU_58iPCqzjjUOTVSyu7vMS3i2J6COpIS9u6ziLA32cFp7r33UUyK1UPd4k2aA0NEbGi0H9X2Rb_u57s8GNXa3P33lhA4huq1lmr45ti07o38L1vqcc8da7poAjVtW9zD79tyIwccbWJ7peLD4aNvB98XuvyIWbVZGS42MoTfSg21aVZtcXd33C7OL1HV68kwGhWkkWthudvw_nDnmhMQZrwZ8vCFPEeV-Oi-71QTmvz7h-Ecgvhlip2vpO2KBhLanwsdpnAWmwTgSy7-YZehb4FT5VUVX7hOpyWwm7DVnkbuFBSzKlgk5XJ2haHEcRpHpYAfWleg3sLf_WIWSkoNES4_Ca5Eh_cfOLU1S0MSAM_bu8Q-EzEnQXQUJcLb6T8t4ynnAtiDK0bJF0VTTwvXUolhnAiAbVkRHUjy2z4uowQt89efmCFMRUf4Z6b2QPSFnvXURCLxOvhDbSCi0wyey9JSridosHYFBajrSKEmcQGbD9xkZVGyvhQB5tuTLB_e6DQyzqWc00m7dOYNXeuYmu-DS7ITPBoeMVpT_KLyRUdbuPaHCuXjwxBB2voxVfWYM9QvwxUwRnBC12Qeahvv9wuQYNJWmXkAMSF49hY7BgRO_R0hQg0XtxJHuIvaSYAC1oCs011xpPVkXNJPt6rfDV8K_298wZ02JEsidTp527BSV02Se8GzvbzZy4LDPbPODTR8St4zLoFqral3VOaMuuctzmFB2zsQHySB14JiiMkCIMPclyr3uxpC90ujqpRi-TIOvAX47XMma9oeQxpw-bdoRsMTVSEFVsjEnJ93oCX7MTS4FlEw0ITX-5yPEB_ZM6GYQIdO8AAsi2gsDll_QRCZVeohxuzkURslQC5kVjijUDMUJWbnv9YUgBX0YSs0W4bjGY4X3OnnWMuc6HDxE4PZKtK61cezlIuOnIxMYUQujVeMqrKuCUwpwcPenPiHdhn9TGOzvS-A_t1Is8WLXngfSrmDqjIe4h1TdtkJ_yS6a_JdU-vetmR0c0JIbEoHpGvdjDYLdZNkG8svwgg7xKKpcExgSTzyONo66vEF-McV5xnQA57Oeyvsz1ahex-728_KHg_NdBDHYwX7djH26A659IK5nyW44oXzjkRjKlLZfIrkNygnfsAI1DQHVvVdEPLGKk3JmzbzExy6DKzz_q1DXSRLG-mJeI3ptRORHI9u_Q9Ay_k-8-zmSbzqu04d1DCey8FPJvVkuRimdOn0yopUwTq0IcKljlgu8dPTuauozV_dR1SGUiUDlzvhK2hZb3fapvSkZpVUqFD40pStKxfYs31kHHlNqDPqhLJdy6Lo9OoDuM_g_M-8oS301CeWxYGr26kk2HgeQwtpymtXt0bzKrWEVxwbZMe69ASvy0O0JsbRH4oBKeE6MT-W87QsTr4MHvLz3cNNbq3aMJZedQTilxO7HUlCKR7WvOrasrLRv0o0pYXwAfeUZ1S4n2sFiZaTkWLFBVGriMGalDPZt8EMeaQCrIkkz8H3dbFKSDpFqj6Y9SdvBcPD0JBB5nwyjlAaaxjwaY-Qap7M_T7dYYynNNTztsS32pAnwy_HGx4WenQzDNT8sJhbVHtNpKjXwCzmCv6JjfnfNVDTigCTCHKYad-X0EGoCDA4PlSP1VwIqC8JMuFlWVmsXzhv9n4Zx-qTeeag9Va4pLTpGqoD-VwW_yhYed6kQASuC93qJ6WfkcUGQTSdI1tvj1YR6w6CjpTn5w8TNUGZ28R3zkCniTDbR2Ui5C0-vR7fCDHA2qwA7EE99GPoOAzrxYRbes5DFeAlcR2Wg4_vi5ZT37Ej9Y6icaFDh4Pby1myLkvVec0Q9bZ7KJSm5jG27SWoIuZszDE7WPM8Gg1559NhT_5dr51SuUdBnuNPNlDY51TI5IAzcFbnTek_C9a_LXwcitszF_gJ2BNOkRXWxQ4t1rCc4R_Rb7TVrIearPNHF4zeqMV2w-lZeUUfWHRP6JwX4juzARoX7LB7neApoOAk5Cq9CfVWzciZS8uhhkMbihQQ0TvsALczrMbIDApEaCzbZ00OLYevWIDvwWJOZru7Z4ZOOpcOfBgR9G2EFRAZeuCZyT6IRVnNETGrHVbFsz6ENA7FYQMt_A37ld_prFuEDvZcr7crsAH881ElYHaR-CiMQM2-JP-Or-29f006jAbmvF0tRQJOgyOgA4f62P-BWv8nNsx-vykGzeBN4xqTlRs-MoSIbf1jVFRlkCaMh5nCKWNoJgUjZD-AqG783dEF9Lv-3zdK6s2w7zho-OgIbMBcWF1M2eiv_0-gTbM0Ca4BI1K98ZXUVFsd-GjIBaGTItgWlY0oQcLhwzZEBbNSN1VQz14dvw8YmSXq46HZ7uVZT8-GyB3amHr7ZDbISwOSO9ZnQkVFp3Nb3LaIbdxGKS_6jy0cqGRAZ15WTY4p3sFwonj5v9_1bJ9mQwkvx-2pKLWoWGBTj4zeeDfh2nkLCL0nMJgKlcQC0mh5uaHGvc1qJdUIBWWjdPNosuzJ_KwTks7TzxCvKorQcDVZ-OHRQjUfRBM8J-zvQqAqP48sItusyD9OUmeSbJiaDBD7W_oDc7sY1Y7NbScnGEssj5aQrkDAn8flemBNpln8ZfkVjkWRAdg5s05ua1FwHTGhA8ScSBtQji3whK1QFCqmLPbZIAW4ejgHOkGJEredVlBLypooViDiBc3ZZnWZ0DnuAp6BbClfpSW4fzqLCJKGMC6syfDtfVW8wLxw_QuUKIvrr2_SZdllNrsVxvcg7IqFXLgYWFBYNaHnB5VxG-10_iUbiT_3_tuwjL43eskDpIrOGb4G2VAWNLU6rBZjZ1SkTw0YidUcqXn4OEIrOi6X0VmT4vtcmJSXbo_P4p1gqp9SybaCt3B_yTXBhnMjsdQCanPAOetXbGI7aNh54V6La_Fp81-CNyG4Sfa17_1Q3KP3oc5be11lMtrZg1X4bi-CUDrBmOZrvVx20j2mlw66riVzYYxCJjevA8Slxct_B1ZkAE3wtTDSrmdk_xR7IthY1IgnHyWFckh808x_BJ4_Du_Kb2-4iCNGZi-U&cid=CAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=7970372024465319000&adk=2086295851&idt=768&cac=0&dtd=59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
503367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 23:31:37 GMT
async_usersync
ib.adnxs.com/ Frame 403B 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:04 GMT
an-x-request-uuid
f563a26f-97f3-4dad-ae42-12e2df7ae823
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame 6CDC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
8df8cbf88d2adea00e56f441e82d73033f5d82ea169e12f81b4bb8bc30e73690
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1369
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
eoj7iutodpqy
hal9000.redintelligence.net/zone/ Frame 4E58 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/eoj7iutodpqy?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2V8ynGkcZcOPDJDXgAfelLqgAZHB0Jtp0-uDktwP8C4QASC6hMAzYPWFgIDcBMgBCakCl6DsjUuKsT6oAwHIA5sEqgSXAk_Q031Nh2o4pex_bbVpaCuobXJtvKwuwvvx58dewdCWFEzc40Tgi5uCALzfhxBMwN-sQKybNM9iFOPqT6OM2UoVRrsLmHFY6tmROEWdEeGnOAtVcgpMFEPMgE2VhZYLQDpYdJbRR0CqsvEuMWGw-4e4UQ4VP9b9WMDl14QJ4f_i7rnJzlrldCWxSi93UHImnwgmJPCPKcVBw92bpcOLafgfTwqLfaxuHEYCtHkdcP3DpuWRbzGbVi5l0QH4Kh6k7dnIvEveJNy84dSyKZKSKKPymWXlXbsbnRvB5SUfRGnqJpqzCVNIRWZuAZT3WGwWU4OnNnsb93HlENioKBKDgInj11o6v_0Lpo7rrTsXeUq2KWd2DovNNMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj1xO3TzNqBAxWQK-AKHV6KDhSwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIw83u08zagQMVkCvgCh1eig4UEAEYASAAEgI0gPD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE%26sig%3DAOD64_2F9Wf6NZQSRF5fz5B2IqewAAzhpA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Dy0lCCIvxtalMZeyQ-TTREHR2Q0XKYNjFvIyLscrmpn5AFJyIWrp36zKNiZLqvbZeDnE85_VS9V2pdvjWeJNh2LegmFdPWpeZeCVkKBfi4IERR2KysGo0_5Tpex6r-TNG9dmhEFYy8FfHRKtxIcmDbpVAhY11VNElzA8LMNyoyUKYrUW4%26cry%3D1%26dbm_d%3DAKAmf-Dy17OUI7uwlAFN_y7aGe3OAdEiifieXER7ofYBaGlrqa5eTeLDXvAxzGrg_3lp1EgmycVE_hsV9AafLKRI7ZhyErnOryk2U1iI4q22P8L-qaUXH9KAtrXrJMTCacOPeQ1z2BOSkT5qe-aOseF3xvvpTQDSORtJaojBWUidGtu4DEX7T8-lqoKlhnjzWwznAiVOcxElU3luXC4ObIomNpECSB6zQGOQq6nyFXzRATJwKBtVH4V8_CZ8x3xEQ2_Bya8Cnu_KIe3d_x8oBNOvsvOWcmznX6LUwW1xrCkS13VYj7cp_jt3aEvD5egYBuFWdh9_jlBnjAAvo_U82F6ZwzsYbFunMe44Y3wrljkaugJUUM7Lm0RqkPoDCaHkXBqMY97RZmGUVoInXO7xubN45XXqQpcgwbIJlpAgGaS5IKkU5iVM6RVoY0lcqqEGQhzozZrGVTOVxKVHlIX839ACG5TCZrdozD_hX4ZSTbtZsRx7Ab7pO36TCWWPTRzpXcXbnIF96DwCRSn2Epjf6xKi4E-o4rwStaZqR3xX1FM53qTVlbiVD9pJ48FZMyoCDf5VB_nbUIhf0TShgJF1WXcwudG9018Oz2SZQLPWeXOj1mRJ9X2kEkY5Bu52-of3kc73mFNiRnMfouvETzA0mGw9rqyv94R0aQW5RICc6Etsur_c6AMSLMY%26adurl%3D
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
221f0678326e4d2d03984af7eaf88a0ae3f6bac7264209da40b3d206cdd26ade

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:12 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4358
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
480_650.mp4
cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/ 		152 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16744448-

Response headers

Date
Tue, 03 Oct 2023 19:21:12 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16744448-16900083/16900084
Connection
keep-alive
Content-Length
155636
pixel
ap.lijit.com/ Frame F487 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 19:21:15 GMT
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 8CC6
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=eb197b38-db9e-4dad-b675-1zz1696360863
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-2vmeBotfqpfe78zPaxKtZbpotsTYbv8CQlBY4w&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&us_ps=
95 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.114.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.248.114.235.167.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Tue, 03 Oct 2023 19:21:06 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 03 Oct 2023 19:21:16 GMT
location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&us_ps=
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=-48&tvi50=12238&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
66
date
Tue, 03 Oct 2023 19:21:05 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
63980
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1696360865.995977,VS0,VE66
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sync
ads.servenobid.com/ Frame 1DE5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696360872877
  • https://ad.turn.com/r/cs?pid=45&rndcb=2950171757
  • https://sync.1rx.io/usersync/turn/3297110875437699719?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-37428463-7522-4c7d-83d8-95f30e729ae8-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-37428463-7522-4c7d-83d8-95f30e729ae8-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
0
0
csi
csi.gstatic.com/ Frame F80A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnapgk51&c=6480063276513&slotId=3240031638256.5&ghmsh_eids=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.43.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bkk03s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26f07d88-8d78-5214-9f1d-135efa017af6
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 351F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=3594415963459389422
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/26f07d88-8d78-5214-9f1d-135efa017af6
0
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/26f07d88-8d78-5214-9f1d-135efa017af6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81078c104aca9b45-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:15 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/26f07d88-8d78-5214-9f1d-135efa017af6
usermatch
ssum-sec.casalemedia.com/ Frame E544
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916cd242c8103c7f9b3d117d050f4a63362920e7b3dc9957b4ecdd8386ea90e7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81078bfcbd740211-ZRH
content-encoding
br
content-type
text/html
date
Tue, 03 Oct 2023 19:21:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwu%2BKMOQPi8uGxKzIPofa2%2FNgJ%2BsYK%2BHkaC5hnBWHtD4ung3RaXYY0r3dIs0Dy9a%2BDp1QVtiXR1uMe4XfcwGEAHUtNtkbr9LtnhgSB9HrpSP8buRuUhAhOM5Jl8hTj%2FADQsk0TxnbbftIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81078bcefc140211-ZRH
content-length
0
date
Tue, 03 Oct 2023 19:21:05 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soOEq3HsR%2F0tdFHdB22nCDlIQRYxVPSlNWcuowJg0DF2CONcLjHlhP0YAk%2FczuvrI%2FFmzQu4xXfGGWk%2B9qs49lQWZGQAcfjD8lyQwbYsIBnbLdLIkoxsuyQAbm0wND88MwJifd2Lq08Hgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame B436
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
0
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81078c01eab59b45-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Tue, 03 Oct 2023 19:21:12 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/a8e81323283f3bafe5145948b864e01a3e6171bcee074425949e6278f4ec0cd4
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
cookie
cm.adform.net/ Frame 3887 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Tue, 03 Oct 2023 19:21:12 GMT
server
nginx
6a7cae5ade1336596d1a0f1be6d1b16
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 53C7
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/6a7cae5ade1336596d1a0f1be6d1b16?gdpr_consent=&gdpr=0
0
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/6a7cae5ade1336596d1a0f1be6d1b16?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81078bfcbd139b45-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:12 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 03 Oct 2023 19:21:05 GMT
Expires
Tue, 03 Oct 2023 19:21:05 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/6a7cae5ade1336596d1a0f1be6d1b16?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696360865206011-388
v1
match.sharethrough.com/universal/ Frame 01FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 83AC
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
0
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81078c033c239b45-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:13 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Tue, 03 Oct 2023 19:21:12 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/3f108e6e458e222832efe2e48f638875e256ea2639efade3e62c8af08a43682b
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EE24 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
139683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3a20&_p=10720756&cid=1308101982.1696360855&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696360860&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=%E6%9F%A5%E4%B8%89%E4%B8%AD%E6%A1%88%E9%80%B2%E9%BB%A8%E4%B8%AD%E5%A4%AE%E6%8A%84%E7%B4%80%E9%8C%84%EF%BC%9F%E3%80%80%E5%8C%97%E6%AA%A2%EF%BC%9A%E6%87%89%E5%9C%8B%E6%B0%91%E9%BB%A8%E4%B9%8B%E8%AB%8B%E8%80%8C%E5%89%8D%E5%BE%80%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		0
0
/
onetag-sys.com/match/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1560a79f-dd75-4ecf-891f-924f2409b3d1&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
0
0
sd
us-u.openx.net/w/1.0/ Frame E41A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ImGDGSJt00o5bNBJIWefTXU10xg5MdBPcmEGlMrj
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ImGDGSJt00o5bNBJIWefTXU10xg5MdBPcmEGlMrj
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ImGDGSJt00o5bNBJIWefTXU10xg5MdBPcmEGlMrj
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E41A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7341292135417961622
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7341292135417961622
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7341292135417961622
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame E41A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=bc99aaf0-2ec1-8f8b-bd65-09a290d15a16
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=bc99aaf0-2ec1-8f8b-bd65-09a290d15a16&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=bc99aaf0-2ec1-8f8b-bd65-09a290d15a16&dcc=t
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P90X9M4QX16H4KR3Q8DV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4VF6HR21BG77T0F48TH4
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=bc99aaf0-2ec1-8f8b-bd65-09a290d15a16&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame E41A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=e44fd68d-326b-3471-7d6b-8b35f8e291f6&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:07 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E41A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzgyMDA1NDctZmIxYy02YWQ1LTY4OGItZDE4YzMyMDA1Zjk2
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E41A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMk_fakEYz8X4kd0UyqxcU&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMk_fakEYz8X4kd0UyqxcU&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMk_fakEYz8X4kd0UyqxcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ad2.adfarm1.adition.com/ Frame 814E 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4389191&gdpr=0&gdpr_consent=&ts=7285814433103874828&kid=5609187&keyword=PACS_4787112_17068014&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787112&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1892594270&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3D&gclid=EAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
76bbb79b7a7bf6b6f48fa788b4f26b45e2def746183deace19dacc44b4362c09

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Tue, 03 Oct 2023 21:21:12 +0200
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696360869014&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1558&pt=-522233600&tz=120&viewable=true&ddast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ca85c7f53fc27524b07ea3553cf8cb9b3235bd7698f1d61a42621cd5d1cd48a9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:09 GMT
content-encoding
gzip
server
nginx
machineid
1434
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FDCB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 19:21:09 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame F80A 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame F80A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame F80A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame F80A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame F80A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame F80A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame F80A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame 0142 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
504555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:11:54 GMT
expires
Thu, 26 Sep 2024 23:11:54 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B643 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Oct 2023 20:12:40 GMT
480_650.mp4
cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/ 		80 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 03 Oct 2023 19:21:12 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
/
onetag-sys.com/match/ Frame 226C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-WRXiU85E2pnvZxRYP9_XnXf7ZawtEhe6eGroaA--~A&expires=5&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 03 Oct 2023 19:21:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
img
sync.mathtag.com/sync/ Frame 226C 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:11 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 03 Oct 2023 19:21:10 GMT
/
onetag-sys.com/match/ Frame 226C
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LNAPGI8G-8-VLW&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 226C 		42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 226C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pubmatic
um.simpli.fi/ Frame 226C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFps46a5rBt2Fs37Hth5lo0&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
35.204.158.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 02 Oct 2023 19:21:16 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Tue, 03 Oct 2023 19:21:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 226C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:11 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ads.servenobid.com/ Frame 226C 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:11 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696360872014&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1558&pt=-522233600&tz=120&viewable=true&ddast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f732bc32a6a91aef8d822e23a7fa9541fe8646f38ee1004159db0f18d91cb944

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
content-encoding
gzip
server
nginx
machineid
1441
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame BA0B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
135402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 05:44:30 GMT
expires
Tue, 01 Oct 2024 05:44:30 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 6CDC 		42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 6CDC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 6CDC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KFAt-fAXH2h4vyAc6KacI1crTg-TU-dUu96Z8bdKJsE
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KFAt-fAXH2h4vyAc6KacI1crTg-TU-dUu96Z8bdKJsE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AMS5SYD48DN5WV715EC4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KFAt-fAXH2h4vyAc6KacI1crTg-TU-dUu96Z8bdKJsE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame 6CDC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.69.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-69-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
img
sync.mathtag.com/sync/ Frame 6CDC 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x3 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:12 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x3 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 03 Oct 2023 19:21:11 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6CDC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 6CDC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
an-x-request-uuid
94a1960d-5a45-41df-8c66-db817da5a0fa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=211986550558328471
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync-global.smartadserver.com/api/ Frame 6CDC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 6CDC 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 6CDC 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 6CDC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
server
Kestrel
content-length
70
content-type
image/gif
EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 6CDC 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
81078bfced689b45-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 58BE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 18:02:12 GMT
expires
Wed, 02 Oct 2024 18:02:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E56B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
139936a350a34977bc853dccfe8df5f0f954d8bea92902d8ff3c4419ea6cc900
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o3PZzPKYUohXezmP4Hv8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-o3PZzPKYUohXezmP4Hv8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:21:12 GMT
expires
Tue, 03 Oct 2023 19:21:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 5D2A 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35418
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:11:30 GMT
f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
pagead2.googlesyndication.com/bg/ Frame EE24 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
603790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14693
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:02 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8812 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 8812
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCk1XUJqPZI%2FhVwUg5MhojKskZhKiHeaq8Wpziqnvv4KdGNT42P5DjsUMEUEdTRif3qWetYbanGpNSGtCvbUdq86RrftG1Xb0kEKDt%2B9AAf3Uh7ZWvm1%2BIAS4jHOH3udxuCAeGY6%2FynwwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c08dbb2f138-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8812
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MWNWY79QEVK3G6M0BEQ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XX1V89NTSBZE1R0JRE2M
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8812
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRxpoCfB8eKs5WwsbV25uwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGa7jn%2Fd4lZFHHBl1xQt3OYqgW5ZPG0qVJoAO3yOyw4oJHTyKkHC07Nh8Fbl2NS8Zik6M%2FlW1rMttURF%2Bj8faf2O8FbqHcbcSLI%2B4CnzldoBARHoaKrxdxS9rrUJsI2sTa7xVMXDWQcMOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c13798e3c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8812
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712172073&external_user_id=a600b949-7327-4513-8dd1-922136e21521
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712172073&external_user_id=a600b949-7327-4513-8dd1-922136e21521
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DxwyJkltgrpjmPGjFnrw2z1u5tIMBosi9mpN%2BamO9ZFQnlC79anudF7lByocTr9QW2vCStYkUAIAcMfrK0XMjA5hyEbHOLEHsaGfaNEC17oFw7fawAMQU674VcVHrEFZl8CsgLO6sHsag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c11ae5f3c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 03 Oct 2023 19:21:13 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712172073&external_user_id=a600b949-7327-4513-8dd1-922136e21521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum.casalemedia.com/ Frame 8812
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_81db2243-eac7-47cc-a98e-849465c417ee&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHNKaNc09%2FHw2pl1hnaJk3NSek6T3z8fDFE5%2F%2BBpBYblMzcgO0oDkEG6FxlSoVqHt%2Bqyq7y3rge1ftCz%2BpRv8yHNDFac2LNgnvmZv5ERpIN425pl1RlX230rqTt5qM6BWLNTZTMg"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c152af20211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 03 Oct 2023 19:21:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 8812
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZRxpoCfB8eKs5WwsbV25uwAA%263192?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRxpoCfB8eKs5WwsbV25uwAA%263192
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRxpoCfB8eKs5WwsbV25uwAA%263192
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.210.204.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-204-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v051-00a360db7.edge-irl1.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mRXkMR1TT7w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v051-0aa13f573.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Thun+HVeRzA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRxpoCfB8eKs5WwsbV25uwAA%263192
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 8812
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cea40SYENSXIe6wwKdKdt6qRtvZKJZToTFQxim%2BF39iEo60sDfXg5wPgZ5GkGhJg5RMwldKwqRKiAPuan%2F%2FPJP3Q7aZ%2FbnqNHa2h8IFzCczksySRUUN723IrqN2BjnS8CooSr2GVwZd68w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c1379923c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Tue, 03 Oct 2023 19:21:15 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
ads.servenobid.com/ Frame 8812 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
pagead2.googlesyndication.com/bg/ Frame BA0B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f2cqprNxaY2GOW1kJFnefQh67KLbyJA2ScFiBiL3W8Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
603790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14693
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:02 GMT
dcm
s.amazon-adsystem.com/ Frame E544
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CWFY4RBCSW0EMQKBFGXT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2KZVZHZ69E0FV1HHXKPA
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E544
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBBSRkRGeRaCfGNeJ6bmHn2IH%2FYiXM68a9TIwRzOajsHEjAN8OJF99ULTpfzjGk6CShwbZT77aouKnl%2B9OgiyG7wKR%2Fk5OLN7bKck5Hxax3gUqDIQLrNzfGQ5O0Wi5ueNRylXgOQLaVCMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c08dbb4f138-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMC7UdEBtxqUWoi1_rJFEPw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E544
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRxpoeBwz12u3Pl.F0pnQQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btPek0RGfqA3VYxdgHyZ%2BLsTjaoF7qqqghc4V5iRAx1giQ1jGUNWURoKrbn%2BlxSB72yxiBLJmkfKvQzNbgp6Slpqz%2Buuaijbz%2FSg7p0VzykDypS9VyfpGrj6sCjfLFrA33ykklJgIGpZSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c1379903c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEIJCieNqRAhT8CNQ-lZaoc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E544 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:12 GMT
server
Kestrel
content-length
70
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame E544
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6a7cae5ade1336596d1a0f1be6d1b16&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7286384391552095810&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/6a7cae5ade1336596d1a0f1be6d1b16?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vWYH_WdE2oNVAboIVDpu3Zz.bUOLRIQDgVSuQE3l~A
0
0
rum
dsum-sec.casalemedia.com/ Frame E544
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2504477341020492423
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2504477341020492423
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQaI3MS8a9trXkxtbFaetCKIt%2Fy9j8Teg2uPgMNm%2FsPZWTmAC7zteJfro4VZRuK%2B39Vfxucdt8lsTx09TvsOLo5dzBGnliXNOJ7HHyXQezRaPaH8a3WVzf0486euzrgdD%2BSX1qMy95mz1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c13b9e33c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2504477341020492423
pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E544
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
0
0
crum
dsum-sec.casalemedia.com/ Frame E544
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629981899883
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629981899883
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwzH0DpXAhwvc7UivCbkQdn8nQxSFxuWOllOMoQQ4VmeThLqfPhKavg59hSOjsJQOX2KAhVBzqSlxLHrDg87u%2BmcyFE4qNSjai9i31g8DiPWNQRPXPcDvTkdkmsv5NZkNNf%2F1xKfJT1qug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81078c13da1f3c74-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685629981899883
Date
Tue, 03 Oct 2023 19:21:15 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame E544 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZRxpoeBwz12u3Pl.F0pnQQAA%263214
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
25211
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81078c11ec143cb3-CDG
content-length
43
expires
Wed, 04 Oct 2023 19:21:15 GMT
idsync
sync.aralego.com/ Frame 2DE9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNAPGI8G-8-VLW
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNAPGI8G-8-VLW
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/963a1a30-1217-3d49-82f2-83d501b0fb73?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
0
0
sync
ads.servenobid.com/ Frame 95BB 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5294539708228200926&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 95BB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 95BB 		0
0
pixel
cm.g.doubleclick.net/ Frame 95BB
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmdnRDFJZS1KVnRUeG1LWDl6TVFwc3l6Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
0
0
9.gif
id5-sync.com/i/102/ Frame 95BB 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 03 Oct 2023 19:21:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
usersync
usersync.gumgum.com/ Frame 8D32
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=211986550558328471
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=211986550558328471
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:13 GMT
an-x-request-uuid
676e9bf3-023a-46c9-a73a-06e581045ad1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=211986550558328471
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 8D32
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=491f0bfe-72ef-4f92-8107-8dc48d785888&ssp=gumgum2&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b
0
0
syncUser
sync.outbrain.com/ Frame 8D32
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28629oJu96lJ4NOqMYFzzwMr7iEoj3mp2C9LJ1_5Eqx0cIVs7OSpJ0hCMHaAaaqbAI%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&obuid=ENC(629oJu96lJ4NOqMYFzzwMr7iEoj3mp2C9LJ1_5Eqx0cIVs7OSpJ0hCMHaAaaqbAI...
0
0
usersync
usersync.gumgum.com/ Frame 8D32
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=137272fd-1a7e-0c27-1a10-9bd830b290b0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=137272fd-1a7e-0c27-1a10-9bd830b290b0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 03 Oct 2023 19:21:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=137272fd-1a7e-0c27-1a10-9bd830b290b0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 8D32
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4d1cd756-2393-512d-6b30-4925618e2abe$ip$158.181.111.68
Date
Tue, 03 Oct 2023 19:21:15 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 8D32
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jZfg4udE2pd4IrQbD2kVefJXLuxUtcPvzb_3~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-jZfg4udE2pd4IrQbD2kVefJXLuxUtcPvzb_3~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 03 Oct 2023 19:21:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-jZfg4udE2pd4IrQbD2kVefJXLuxUtcPvzb_3~A
content-length
0
usersync
usersync.gumgum.com/ Frame 8D32
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=ee6af653-2be4-4d10-9b92-abb15c773ce7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=ee6af653-2be4-4d10-9b92-abb15c773ce7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=ee6af653-2be4-4d10-9b92-abb15c773ce7
Date
Tue, 03 Oct 2023 19:21:15 GMT
Connection
keep-alive
X-CI-RTID
0373a504-39ca-4a4f-aaea-faade56c7601
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 8D32 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
content-length
0
server
c
23178
stags.bluekai.com/site/ Frame 8D32
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=cg5K0YeePjdXt5JYe138&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
0
0
server_match
ad.360yield.com/ul_cb/ Frame 8D32
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
0
0
usersync
usersync.gumgum.com/ Frame 8D32
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=NHwzD3SaqyXD&ev=1&pid=558355
0
0
usersync
usersync.gumgum.com/ Frame 8D32
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5294539708228200926
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5294539708228200926
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5294539708228200926
date
Tue, 03 Oct 2023 19:21:15 GMT
content-length
0
sync
ads.servenobid.com/ Frame 8D32 		0
0
khaos.json
token.rubiconproject.com/ Frame 5D2A 		7 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LNAPGI8G-8-VLW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
request.php
hal900026.redintelligence.net/ Frame 4E58
Redirect Chain
  • https://hal900026.redintelligence.net/request.php?zone=eoj7iutodpqy&nw=20&renderingType=javascript&namespace=349faaa666&subid=&uid=674fd53d226ddec6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900026.redintelligence.net/request.php?zone=eoj7iutodpqy&nw=20&renderingType=javascript&namespace=349faaa666&subid=&uid=674fd53d226ddec6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=eoj7iutodpqy&nw=20&renderingType=javascript&namespace=349faaa666&subid=&uid=674fd53d226ddec6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2V8ynGkcZcOPDJDXgAfelLqgAZHB0Jtp0-uDktwP8C4QASC6hMAzYPWFgIDcBMgBCakCl6DsjUuKsT6oAwHIA5sEqgSXAk_Q031Nh2o4pex_bbVpaCuobXJtvKwuwvvx58dewdCWFEzc40Tgi5uCALzfhxBMwN-sQKybNM9iFOPqT6OM2UoVRrsLmHFY6tmROEWdEeGnOAtVcgpMFEPMgE2VhZYLQDpYdJbRR0CqsvEuMWGw-4e4UQ4VP9b9WMDl14QJ4f_i7rnJzlrldCWxSi93UHImnwgmJPCPKcVBw92bpcOLafgfTwqLfaxuHEYCtHkdcP3DpuWRbzGbVi5l0QH4Kh6k7dnIvEveJNy84dSyKZKSKKPymWXlXbsbnRvB5SUfRGnqJpqzCVNIRWZuAZT3WGwWU4OnNnsb93HlENioKBKDgInj11o6v_0Lpo7rrTsXeUq2KWd2DovNNMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj1xO3TzNqBAxWQK-AKHV6KDhSwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIw83u08zagQMVkCvgCh1eig4UEAEYASAAEgI0gPD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE%26sig%3DAOD64_2F9Wf6NZQSRF5fz5B2IqewAAzhpA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Dy0lCCIvxtalMZeyQ-TTREHR2Q0XKYNjFvIyLscrmpn5AFJyIWrp36zKNiZLqvbZeDnE85_VS9V2pdvjWeJNh2LegmFdPWpeZeCVkKBfi4IERR2KysGo0_5Tpex6r-TNG9dmhEFYy8FfHRKtxIcmDbpVAhY11VNElzA8LMNyoyUKYrUW4%26cry%3D1%26dbm_d%3DAKAmf-Dy17OUI7uwlAFN_y7aGe3OAdEiifieXER7ofYBaGlrqa5eTeLDXvAxzGrg_3lp1EgmycVE_hsV9AafLKRI7ZhyErnOryk2U1iI4q22P8L-qaUXH9KAtrXrJMTCacOPeQ1z2BOSkT5qe-aOseF3xvvpTQDSORtJaojBWUidGtu4DEX7T8-lqoKlhnjzWwznAiVOcxElU3luXC4ObIomNpECSB6zQGOQq6nyFXzRATJwKBtVH4V8_CZ8x3xEQ2_Bya8Cnu_KIe3d_x8oBNOvsvOWcmznX6LUwW1xrCkS13VYj7cp_jt3aEvD5egYBuFWdh9_jlBnjAAvo_U82F6ZwzsYbFunMe44Y3wrljkaugJUUM7Lm0RqkPoDCaHkXBqMY97RZmGUVoInXO7xubN45XXqQpcgwbIJlpAgGaS5IKkU5iVM6RVoY0lcqqEGQhzozZrGVTOVxKVHlIX839ACG5TCZrdozD_hX4ZSTbtZsRx7Ab7pO36TCWWPTRzpXcXbnIF96DwCRSn2Epjf6xKi4E-o4rwStaZqR3xX1FM53qTVlbiVD9pJ48FZMyoCDf5VB_nbUIhf0TShgJF1WXcwudG9018Oz2SZQLPWeXOj1mRJ9X2kEkY5Bu52-of3kc73mFNiRnMfouvETzA0mGw9rqyv94R0aQW5RICc6Etsur_c6AMSLMY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9998866726532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6463fd68ca13c0f88d1acefbd0077b993a98c2d544cc86800b9c8971d6713022

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
10444100160732304438270012466026
Connection
close
Content-Length
799
Expires
Tue, 03 Oct 2023 20:21:16 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:15 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=eoj7iutodpqy&nw=20&renderingType=javascript&namespace=349faaa666&subid=&uid=674fd53d226ddec6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2V8ynGkcZcOPDJDXgAfelLqgAZHB0Jtp0-uDktwP8C4QASC6hMAzYPWFgIDcBMgBCakCl6DsjUuKsT6oAwHIA5sEqgSXAk_Q031Nh2o4pex_bbVpaCuobXJtvKwuwvvx58dewdCWFEzc40Tgi5uCALzfhxBMwN-sQKybNM9iFOPqT6OM2UoVRrsLmHFY6tmROEWdEeGnOAtVcgpMFEPMgE2VhZYLQDpYdJbRR0CqsvEuMWGw-4e4UQ4VP9b9WMDl14QJ4f_i7rnJzlrldCWxSi93UHImnwgmJPCPKcVBw92bpcOLafgfTwqLfaxuHEYCtHkdcP3DpuWRbzGbVi5l0QH4Kh6k7dnIvEveJNy84dSyKZKSKKPymWXlXbsbnRvB5SUfRGnqJpqzCVNIRWZuAZT3WGwWU4OnNnsb93HlENioKBKDgInj11o6v_0Lpo7rrTsXeUq2KWd2DovNNMAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj1xO3TzNqBAxWQK-AKHV6KDhSwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIw83u08zagQMVkCvgCh1eig4UEAEYASAAEgI0gPD_BwE%26num%3D1%26cid%3DCAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE%26sig%3DAOD64_2F9Wf6NZQSRF5fz5B2IqewAAzhpA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Dy0lCCIvxtalMZeyQ-TTREHR2Q0XKYNjFvIyLscrmpn5AFJyIWrp36zKNiZLqvbZeDnE85_VS9V2pdvjWeJNh2LegmFdPWpeZeCVkKBfi4IERR2KysGo0_5Tpex6r-TNG9dmhEFYy8FfHRKtxIcmDbpVAhY11VNElzA8LMNyoyUKYrUW4%26cry%3D1%26dbm_d%3DAKAmf-Dy17OUI7uwlAFN_y7aGe3OAdEiifieXER7ofYBaGlrqa5eTeLDXvAxzGrg_3lp1EgmycVE_hsV9AafLKRI7ZhyErnOryk2U1iI4q22P8L-qaUXH9KAtrXrJMTCacOPeQ1z2BOSkT5qe-aOseF3xvvpTQDSORtJaojBWUidGtu4DEX7T8-lqoKlhnjzWwznAiVOcxElU3luXC4ObIomNpECSB6zQGOQq6nyFXzRATJwKBtVH4V8_CZ8x3xEQ2_Bya8Cnu_KIe3d_x8oBNOvsvOWcmznX6LUwW1xrCkS13VYj7cp_jt3aEvD5egYBuFWdh9_jlBnjAAvo_U82F6ZwzsYbFunMe44Y3wrljkaugJUUM7Lm0RqkPoDCaHkXBqMY97RZmGUVoInXO7xubN45XXqQpcgwbIJlpAgGaS5IKkU5iVM6RVoY0lcqqEGQhzozZrGVTOVxKVHlIX839ACG5TCZrdozD_hX4ZSTbtZsRx7Ab7pO36TCWWPTRzpXcXbnIF96DwCRSn2Epjf6xKi4E-o4rwStaZqR3xX1FM53qTVlbiVD9pJ48FZMyoCDf5VB_nbUIhf0TShgJF1WXcwudG9018Oz2SZQLPWeXOj1mRJ9X2kEkY5Bu52-of3kc73mFNiRnMfouvETzA0mGw9rqyv94R0aQW5RICc6Etsur_c6AMSLMY%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9998866726532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 03 Oct 2023 20:21:15 +0200
banner
ad2.adfarm1.adition.com/ Frame 814E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4389191&adjsver=3&fvers=&iframe=1&ref=https%3A//www.bg3.co/&ro=https%3A//5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7285814428801109002&kid=5609187&kw=PACS%5F4787112%5F17068014&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gclid=EAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389191&gdpr=0&gdpr_consent=&ts=7285814433103874828&kid=5609187&keyword=PACS_4787112_17068014&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a7686b273882ef8e2e1a1718690e0642bf7251cdddff7dc585f0b18d6d261789

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 21:21:13 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7EE3 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51287808&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3587200da9e152034fcd0997143f766c1653a3de088fa564f590ce1fc8966ff2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:21:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
rtb.gumgum.com/ Frame F023
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=749143749442182727&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=749143749442182727&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.115.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 03 Oct 2023 19:21:15 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 03 Oct 2023 19:21:13 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=749143749442182727&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame CF1B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRxpqwAAAcXj6wA_
  • https://usersync.gumgum.com/usersync?b=atm&i=ZRxpqwAAAcXj6wA_&gdpr=0&gdpr_consent=&_test=ZRxpqwAAAcXj6wA_
0
0
480_650.mp4
cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/ 		24 KB
24 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bf0df2fd87faee69763320c538cb96a4edd731b768630609afeca5ae9be7d4b0

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16875520-

Response headers

Date
Tue, 03 Oct 2023 19:21:13 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16875520-16900083/16900084
Connection
keep-alive
Content-Length
24564
ecm3
s.amazon-adsystem.com/ Frame 2DE9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5WjSo1R2QZS3I2ZgoXcZoA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5WjSo1R2QZS3I2ZgoXcZoA
0
0
pixel
cm.g.doubleclick.net/ Frame 2DE9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5BUEdJOEctOC1WTFc=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELvb9EPtElCOKLTTL8Ysj8U&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5BUEdJOEctOC1WTFc=&google_push=
0
0
rubicon
match.adsrvr.org/track/cmf/ Frame 2DE9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2DE9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM2YTViZjBlMWFjYzU5YzlmOTI5MzA0Nzg2YWNhYjdkMjBhYTNjNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM2YTViZjBlMWFjYzU5YzlmOTI5MzA0Nzg2YWNhYjdkMjBhYTNjNg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGM2YTViZjBlMWFjYzU5YzlmOTI5MzA0Nzg2YWNhYjdkMjBhYTNjNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2DE9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN2C19K9zRWVeuOWiqafGzM&google_cver=1
42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN2C19K9zRWVeuOWiqafGzM&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN2C19K9zRWVeuOWiqafGzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 2DE9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAPGI8G-8-VLW
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAPGI8G-8-VLW
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 95E083C2E7A8415893F7CD0C7CAEFEC5 Ref B: ZRHEDGE1917 Ref C: 2023-10-03T19:21:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYG1MtyFOi5K8qNvy1HKw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNAPGI8G-8-VLW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2DE9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=u1nmypqKRhGdMJdUCE381w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=u1nmypqKRhGdMJdUCE381w
0
0
tap.php
pixel.rubiconproject.com/ Frame 2DE9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xA7DsrwhNwseN_gI2GldCA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AUnB5TdE2oKVgzsqTR4QLslYe7RjdaxX37I16Q--~A
0
0
rp
match.prod.bidr.io/cookie-sync/ Frame 2DE9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
0
0
liveCS.php
live.primis.tech/live/ Frame 2DE9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAPGI8G-8-VLW
0
0
token
token.rubiconproject.com/ Frame 2DE9 		0
0
token
token.rubiconproject.com/ Frame 2DE9 		0
0
setuid
ib.adnxs.com/prebid/ Frame B0D5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNAPGI8G-8-VLW
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNAPGI8G-8-VLW
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
an-x-request-uuid
e9d190bf-86e7-4081-b581-08ce801db84f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNAPGI8G-8-VLW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B0D5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ce06a85f-a5b0-4ba3-a88b-475d5350ac07&expires=30
42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ce06a85f-a5b0-4ba3-a88b-475d5350ac07&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ce06a85f-a5b0-4ba3-a88b-475d5350ac07&expires=30
Date
Tue, 03 Oct 2023 19:21:15 GMT
Connection
keep-alive
X-CI-RTID
b7e608d7-c531-433e-9c87-e05c7bfd89c4
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame B0D5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=103245011659624345
42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=103245011659624345
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=103245011659624345
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cookiesync
bttrack.com/pixel/ Frame B0D5 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.68.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Tue, 03 Oct 2023 19:21:03 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B0D5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=TRzXViOTUS1rMEklYY4qvp61b0Q
0
0
tap.php
pixel.rubiconproject.com/ Frame B0D5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8f7131a5-7da0-4a0e-a20f-6ea933cbf478
42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8f7131a5-7da0-4a0e-a20f-6ea933cbf478
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=8f7131a5-7da0-4a0e-a20f-6ea933cbf478
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
869208
content-length
0
expires
Tue, 03 Oct 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B0D5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2576534935058420359&expires=60&gdpr=&gdpr_consent=
42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2576534935058420359&expires=60&gdpr=&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2576534935058420359&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame B0D5
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=211986550558328471&expires=30
42 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=211986550558328471&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:13 GMT
an-x-request-uuid
2dfbdbb4-f266-45d0-9ea6-161c69a68879
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=211986550558328471&expires=30
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame B0D5
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1918927419
0
0
709414.gif
id.rlcdn.com/ Frame B0D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B0D5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1
0
0
143
match.deepintent.com/usersync/ Frame B0D5 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
content-length
0
server
c
pixel
cm.g.doubleclick.net/ Frame F1E2 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTUzYTI1ZC0wYWVjLTRkODUtYTZlZS1mYzcwZTJmMDk4MWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:21:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 37EC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121379
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 03 Oct 2023 19:21:13 GMT
expires
Thu, 05 Oct 2023 05:04:12 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame E56B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=2044665408255078&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame 0142 		156 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=227426154709576&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FZ5S3thgBG_relGoQP7RBZw%3A1696364458%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F976D623-F568-4E23-BFD4-3B342CAD6190&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=1696360873324&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&scor=4271534102917294&ged=ve4_td25_tt8_pd25_la25000_er742.400.743.800_vi0.0.1200.1600_vp100_ts8_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E730 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 03 Oct 2023 19:21:13 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 7215
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRxprMCo8XgAAB9MBacAAAAA
0
0
gumgum
cs.admanmedia.com/sync/ Frame F8DF 		0
0
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 58BE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 17:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
5513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 17:49:20 GMT
usersync
usersync.gumgum.com/ Frame 23AB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=lYArsujLej77SoRkDdQC&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=lYArsujLej77SoRkDdQC&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 03 Oct 2023 19:21:16 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 03 Oct 2023 19:21:15 GMT Tue, 03 Oct 2023 19:21:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=lYArsujLej77SoRkDdQC&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2D7D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Oct 2023 19:21:15 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Oct 2023 19:21:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cs
cs-rtb.minutemedia-prebid.com/ Frame 3E25
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRxpoeBwz12u3Pl.F0pnQQAA%263214
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRxpoeBwz12u3Pl.F0pnQQAA%263214
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
PQLkXt2hHgItTbuOMMVNR8pZRRYVkVq_qCHag2V6Xt3xesD2mCXalg==

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY3rxeZbW4eUaF%2BCmbrvFZfXeE%2BK10tcYTCZm7Zsa4XGc9TSoGpcGsxlSZ17gNl6qAoBUdjMbPXlNz6MLa8BrmGN8H9p19yzB706l72S%2Fw0n9tMe1dqmOrTkkgzEm5ICJ%2FYy4YO%2FL%2BKL4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRxpoeBwz12u3Pl.F0pnQQAA%263214
cache-control
no-cache
cf-ray
81078c0d8c51f138-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 3E25
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=7d163489-4df9-0b25-05f3-92c2b8e11b13
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=7d163489-4df9-0b25-05f3-92c2b8e11b13
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
0q-YfwVfQU3K2M75x_o-bjYVAr7Mgq3yr7qBQ5pgbETCdlBO3o75uw==

Redirect headers

date
Tue, 03 Oct 2023 19:21:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=7d163489-4df9-0b25-05f3-92c2b8e11b13
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 3E25
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=295918812076127404041
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=295918812076127404041
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:16 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
q7K3mL_wDrsLmI16j2037MxA8nW_g1WgVLI9wvFN-m_uzNZA_grcuw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=295918812076127404041
date
Tue, 03 Oct 2023 19:21:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 3E25
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
ZOMrSgkGzBhPUks8LPyWfVGbQO-AMyPRGxZi4RUHhkOI3HzxDx2Otw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Tue, 03 Oct 2023 19:21:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
pixel
ap.lijit.com/ Frame 3E25 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 03 Oct 2023 19:21:16 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 3E25
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
sHi6amiU14meviGzw93nyExRRqy6jEuVJIxIy3qqM-q9vpZleXtyhA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
date
Tue, 03 Oct 2023 19:21:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 3E25
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=cbb63d112b2b132fdce6b1ff7b32a15f
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=cbb63d112b2b132fdce6b1ff7b32a15f
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:16 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
pU7tNHdIgw8YiFcM48B5RuP9HCQJTrkmnNLCWSo1cM40zK2HXbXDLA==

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=cbb63d112b2b132fdce6b1ff7b32a15f
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 3E25 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=Xmeprmj-C_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA0B 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDFuooGkcZbbQHNCsjuwPmd7p6AgAAAAAOAHgBAI&bg=!EhGlEV7NAAZN1Q_XbdU7ADQBe5WfOGjEBZ1-ByNOWFIeFDwoYUVE3hxDr3xBw6pzIrl5Q6IDXv7gXWlez6f1Je2l-3nKAgAAAwBSAAAAG2gBB5kDAuDJxkLYee87dCLtOZC44PFfJg_HquxsgH8K6-uOZyeHzEPrtfla7qcMCRMudrirB5FE0g_cxsNorDzxaKE4lP4k4YrhPDKRrIqPwhY6hpDtDY68oBtLovhBkjTtH6jn4BOfprL_1SNvjUmxGnbXv-JmqoeyQQkECaipFKa5e_L9LrxUGs3Ps6oQZgGwPVIixWHGv_NvZypl4ukciOqEtpOIg3M-JuJXI_G-l8M1ZvKntGj_SwFlCENmIrhXT40K3O_W2DVA_6_KTO_Oh4zrFTf9nM1ru2sQpYuAIu7tCThxu6bDC2O67yYhbvWMYd_yg-zpZEwf5tk1rA3L22tQurxRdjZ_W3KQuZ7FNU2VFrv6vSe08uD8fUt-hLiFhszjH2gIxyBkHMboidLNjCQb5BQbEnNvtdts3irdKOL1fahZHFYf0ZA-sTDrhgewyovkbi7JYqWK97JtqNsRMH4bOGfTKN-hKGE0Vx_BIeREpI7hLYiz35CuA2lFVnRyoPcMgq6ennStNVPF_q_-LE4_hIq6xoiAAsGEE0ooHPtjfPVLmG5b5uH80vXKsy9DG1yWPPN9EH5vqhVdh3aXD7ECMncT-lfJP9dlDkSaaOHdR1embegiFDAJ8fIalo6mnYCoHoA0lInFCDuJ5UaWqAn_kUG_G7I_qhgZyoDx1ThQjDDIr04GGwBeouDTWxxxuXj6OB3PtPTc44YFvT9x_UaQwlCPC5liRqfUqbT7YrKzaI8eMnUplC3iM3LUrhDk0CHZZklorGdJG4tHA8EWvUHuT-z5y99uO6xoom26LE3bdnGaDClPJKK97osaJURwjx6mM7wz7wt-CZ-fynFoed35HE2HMr54t66gICZorAo4kvKYgxFQwkTZJYAdAH_INXONQ7I22h09wSy3WRAzE_BapDxHLyaRZ-2crQzyRI2p7rg2k0hwx7FeD6So9j-7G-Kf8ShzoZ9W2rRQmRhH_HWl5Q3GlEWdVNsiUHWy16gzHqc0p-wo7K1nWRPtPISWLmTYRd_q
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE24 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3Ps-n2kcZaLRGoby3gPnjYvoDgAAAAA4AeAEAg&bg=!lJell9jNAAZN1Q_XbdU7ADQBe5WfOPMvqgCMJeBlKK1k-6GPjmhdjVcpC98New8jKmx-IdxWY1na7VfwwfxhwavoqPr6AgAAAwdSAAAAa2gBBwoANceJG8tMBKcWlxiMNEC-aYFZ2UbGGXJaPvQ6PZcPikjATqSHoGjgBT-rWPjTt6siDBREiRMUmQMLvGtrohVP3GyuxZXJaBn2bCWQR83X8_hQeYAWZMkfAF4y-2i9g4Kpk62V1KOJi1V4gf1yj8nQ8pvwOSqUmid5z2S-PxVbtkwXKLWME031YPWO8VttTpN1N41CixDgXJ9rNL6wTpzc7mB4AY46Tp6oQ0up1bC63KhVwOCug_JMkRXJO1ZyT17xs1I7Bs1k9YZoID5aZm8U2Z1VQ1Bt-GpyzcrLBmwbaB4HQVMvK27elp-jsLybN1QCwWOwp7enMQcx3d2qxRStyh9S78pE726tiVF5Lxgbnv8UJkfMR8Q0isXDu_6e1amsno-IrL2E8dU40gArlq5vpoIOGriq6yYBlPa7J8MJfCaETxLkJUXhM9hejBCPtDyv91l2Ze6EN__FE3KQO7O_F29-tF-LUiNQ0x27PRkqW1cABm3erO6M8C6LxTaZet7XSipuyLkZeDkzfND_m9l9l9GUMqcShv_v99SQFW7jb-pUBGVYs3qvzGr8bi_Z7lcE5f3tvOaDXTNE-IVyrhh1biJCVeaE_c_DJ529HnwCIfg7Tt1zhwOu4SEcxoE9HUgOlEy4beCuYE73oVCOc5J67NvHCyLZqPeFAYT7OYqSTv4_cJFbLkCfqLbtsoqFlH1a0UWzzDhBNldmFoBI5jxkpeocK1ZH7Lp3oZ6vh55YgfYaIRjveSmxtrNDj_hUCCS3vs8KsNvhhpKTNclFq-5u7WLQWQfsSblTLwr96DSmK7-51LPFeN8qQPumiE1I6feJjs5vOTgwogvDgOgLXmyCW9jWCXj59CDv822f7OD1nS1s4MfOal0GmhQimUplebWjqjqBaUIwIP-oAjn0H_VzCzAU1S909CeOVbmACHTb_VLten37mOKl3K5C0ochbmwu359c_CrmNqzVLAKP4UzqaG0OXjfxTwGUW5D2vXzaqBzYbk7IPkKWtezgUrU_zC-i1tZkzvXmEFZv9V2pVrKvoPRpxC6Kn0WLLM08y9riM9iqffflGhUqUKwgM46-EO6e3A9pmd52zzzQPSt43r06hKSI_-Q
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F707
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=211986550558328471&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=211986550558328471&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.214.104.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-104-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:15 GMT
an-x-request-uuid
99a83d3c-185d-4e98-a1d8-6484df4f9c84
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=211986550558328471&gdpr=0&gdpr_consent=
x-proxy-origin
158.181.111.68; 158.181.111.68; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame F707
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.214.104.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-104-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
date
Tue, 03 Oct 2023 19:21:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/universal/ Frame F707 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-139-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
cs
cs.yellowblue.io/ Frame F707
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.213.151.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-151-23.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:21:15 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=6a7cae5ade1336596d1a0f1be6d1b16&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696360875008022-361
Expires
Tue, 03 Oct 2023 19:21:15 GMT
sync
ads.servenobid.com/ Frame F707 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=5CAp9m0zkj_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 5D2A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LNAPGI8G-8-VLW
  • https://ads.servenobid.com/sync?pid=323&uid=LNAPGI8G-8-VLW
0
0
Mueller_Multimedia_Emotional_728x90_x_220105_vdj.html
imagesrv.adition.com/banners/268/01/03/c1/29/ Frame DB55 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/29/Mueller_Multimedia_Emotional_728x90_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285814471751437321%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023273%2526c%253D12478%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e1a2111ff3e354d7638292d3340b7c3a9e388e8bb4e8fee035f5d666cb979e78

Request headers

Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
1099
content-type
text/html
date
Tue, 03 Oct 2023 19:21:15 GMT
etag
"1311045664-br"
last-modified
Thu, 01 Jun 2023 08:55:17 GMT
vary
Accept-Encoding
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame 814E 		2 KB
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7285814433103874828&btr=true&pos=top-right&cid=558342&aid=558342
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
193b202de74c47433bb12e2e32b71a195bf8faed81ee8f40effb47e0bc25a525

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 19:21:15 GMT
content-encoding
br
content-length
609
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CE94 		1 KB
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
URL: https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74705
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Tue, 03 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 0142 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnapgqna&c=6480063276513&slotId=3240031638256.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.43.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bkk03s01-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:21:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ysm_bg3.js
ad.sitemaji.com/ Frame F308 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:09:54 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
681
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Wed, 04 Oct 2023 19:09:54 GMT
truncated
/ Frame 814E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76b36d799b00cb57f1de71795762a38049dafde609e6abc2abae357b169360b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 2D7D 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 19:21:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Oct 2023 05:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35414
Connection
keep-alive
Content-Length
10474
Expires
Wed, 04 Oct 2023 05:11:30 GMT
480_650.mp4
cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/ 		616 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Z5S3thgBG_relGoQP7RBZw:1696364458/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=65536-

Response headers

Date
Tue, 03 Oct 2023 19:21:16 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 65536-16900083/16900084
Connection
keep-alive
Content-Length
16834548
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame DB55 		753 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/29/Mueller_Multimedia_Emotional_728x90_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285814471751437321%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023273%2526c%253D12478%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/29/Mueller_Multimedia_Emotional_728x90_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285814471751437321%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023273%2526c%253D12478%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:16 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
createjs.min.js
code.createjs.com/1.0.0/ Frame DB55 		0
0
Mueller_Multimedia_Emotional_728x90_x_220105_vdj.js
imagesrv.adition.com/banners/268/01/03/c1/29/ Frame DB55 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/03/c1/29/Mueller_Multimedia_Emotional_728x90_x_220105_vdj.js?1656412802075
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/29/Mueller_Multimedia_Emotional_728x90_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285814471751437321%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023273%2526c%253D12478%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
66da4a9938b444144754a6ef464b2faa16ba2842d39aa4dd4dd40d840b6bbfb1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/03/c1/29/Mueller_Multimedia_Emotional_728x90_x_220105_vdj.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJS1fnGkcZZySHIyV1PIPpIqQgAT7vYusc7%2Df6LGIEdq24u%2DaOBABILqEwDNg9YWAgNwEyAEJqQLXkbWdaIyxPqgDAcgDmwSqBJYCT9DRCDldeR35SUVhH7DaTPD72QLRDIpmZf5X5305HpGnspwUx1RSOPgGwP21eiIeiKB1XDHQtLcdmmT9epIqoKbH9ITPzXgFDK78yKKpLOVBDdLaCqfThUv7E4oEZ2piMJouybsyNKUKpDOFgY%5FIE8RwQaZpvK2zpkjBy3rdjs263709RTUDvhLt2c8HmDWx0Kf2L5YsumUBCdTKktYLTdT%5Felr9%2DnZ015IIsLRN6k8Y1GPSxyRp2%5FGX%2DS4dGz9%5FEzQ0Ryzdci481bRWKRUARFHbOXrHlG2WjayqTwXZkzf5ZVDYwTdO7meyHNz9jgzC0ubaYQrORJ1z8UISW1IFdk9CdZ8GqKdkVtc3jn67efGATRqPDMTABILP6uClBOAEA4gFvoTl9keQBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB0yAooCOgKAQEi9%5FcE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBqg0CQ0jIDQHiDRMIz9Xt08zagQMVjApVCB0kBQRAsBOq44EV0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE%26sig%3DAOD64%5F3tRItVVSnMFpFj4w%5FYo55Th%2DsF3w%26client%3Dca%2Dpub%2D8933329999391104%26dbm%5Fc%3DAKAmf%2DDezW3ZBiKnEfCHu%2Dkkq4KPK3eQMe0BYO%5Fp935x1pXH8ZueVoxafiR0ahqVuuEvVVvVv4RJ47xt%5FaOStThBaoPcndhScJxFj6xeFVwsEw%5FxvfyErV0pWW9q6TrDMy4y8Q1xw%5Fm%5FIlReOCRumd4fbIbM9vk1152YLM%5FolMJNnhaFfKzkgIY%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDvz6%2DGSlocWcngxE7naAd5eczsw23Xcs7ZHM27jHCCkH2xacpXuMWUStuNSYatGGNeIWa7Mdszr%2DuRkSc4BzhOD3XSslMtqv%5FeForZMvDqo67uNtIWno8gHaoaIqgAW%5Flo3v2pCfKC4C01J0GDWci5VYECFgQtH5cvX3NksECIG0FqdqfqdSQhB8WW022lHSpucE87dWaMB9aQcBW%5FzSy1ax0BdW84O64z8VUHyOmhSIBTh93XfosyP3M0Nosrqeq%5FhKw01STs5Q1PXLO2rObsxhQfPkh%5Fy%2DMNp%5FK0KHuQNQJz41IAX3YirITmN3P69Yd4BzmimJCifm6NacYWZoZ9JmJV%5FnmUC4s9nx2Vjs79DMxjEEBoJDs5qFrg5tMv79ale5OwjHVWrKHnPbhHr5ne0n%2DIpothTGjdYDoS%5FICCRC5TABAM1ZGLtUL1g8DMkzJN6DJBXXk3uQ%2DrYnujYoiuobixZdp2B%5FaA7QDYkA9taJJlsERcuXD3tf%2DaHhcwEciWbVpzl8NjsV0vplQrtxUbhwqgiA%2DJqBFiZQK76ywYjYEtVGhXtSGbQz3EjkIyVJMRaLDG3xnc6IvrUcWvKWDiBp2sJgqCz7j62bfMD2%5FY%2DJWb64BFS%5FSbXKt9AxN88ondq90G9b%2Ds31Svt8gKvFedbmjjs9UEkXwLVq5IH3GFUYmLaR0%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7285814433103874828%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D8204%2526keyword%253D%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7285814471751437321%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7285814428801109002%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023273%2526c%253D12478%2526keyword%253DPACS%25255F4787112%25255F17068014%2526gclid%253DEAIaIQobChMInND%252D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%255FBwE%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D%26gclid%3DEAIaIQobChMInND%2D08zagQMVjApVCB0kBQRAEAEYASAAEgIREPD%5FBwE&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:21:16 GMT
content-encoding
br
last-modified
Fri, 22 Jul 2022 09:12:52 GMT
etag
"933001754-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8218
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame CE94 		0
0
pixel
cm.g.doubleclick.net/ Frame CE94
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBDlJSeTkPXkKt0xFHy_y9s&google_cver=1&google_push=AXcoOmT3-Cl3_SL-JAPaHfx0a2ooccoZveptlSSFRdwbgyyPIQZbKzokBl1op-cEF2dSmIAijStr7OuU...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAzMjQ1MDExNjU5NjI0MzQ1&google_push=AXcoOmT3-Cl3_SL-JAPaHfx0a2ooccoZveptlSSFRdwbgyyPIQZbKzokBl1op-cEF2dSmIAijStr7OuU...
0
0
pixel
cm.g.doubleclick.net/ Frame CE94
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIrm9gC5cYVVjJbswr6t3_A&google_cver=1&google_push=AXcoOmTNigDkFkW2sOA8lGth6xX2DaQEKpCeO3VAffpV2e8tFmpfyhIdwV6VjlalLbd6n9k3OVKOdnPXBGp9VLW7FWb3-IGvHupr
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTNigDkFkW2sOA8lGth6xX2DaQEKpCeO3VAffpV2e8tFmpfyhIdwV6VjlalLbd6n9k3OVKOdnPXBGp9VLW7FWb3-IGvHupr&google_hm=OxlcsZvtjV-bH8eCK_urTA==
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame CE94 		0
0
us
sync.go.sonobi.com/ Frame CE94 		0
0
sync
google.partners.tremorhub.com/ Frame CE94 		0
0
um
sync.teads.tv/ Frame CE94 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame CE94 		0
0
sdk
agent.aralego.com/ Frame F308 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1044
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7311 		0
0
getuid
ib.adnxs.com/ Frame BA3A 		0
0
p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame 6F3D 		0
0
/
dsp.adfarm1.adition.com/cookie/ Frame 90CE 		0
0
sync
x.bidswitch.net/ Frame E667 		0
0
sync
sync.srv.stackadapt.com/ Frame EB31 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1750 		0
0
/
csync.loopme.me/ Frame 1219 		0
0
pm
match.prod.bidr.io/cookie-sync/ Frame 6895 		0
0
sync
t.adx.opera.com/pub/ Frame 0F16 		0
0
bridge
cm.adgrx.com/ Frame 4C5E 		0
0
cm
ipac.ctnsnet.com/int/ Frame 139B 		0
0
cm
p.rfihub.com/ Frame B9C8 		0
0
pubmatic
d5p.de17a.com/getuid/ Frame 6019 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 67E5 		0
0
cookiesync
core.iprom.net/ Frame B446 		0
0
i.match
a.tribalfusion.com/ Frame B33B 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 985B 		0
0
cm
green.erne.co/pubmatic/ Frame 31A0 		0
0
sync
ads.servenobid.com/ Frame 37B3 		0
0
pixel
cm.g.doubleclick.net/ Frame 7EE3 		0
0
qmap
sync.crwdcntrl.net/ Frame 7EE3 		0
0
cr
cr.frontend.weborama.fr/ Frame 7EE3 		0
0
match
a.audrte.com/ Frame 7EE3 		0
0
pubmatic
um.simpli.fi/ Frame 7EE3 		0
0
match
c1.adform.net/serving/cookie/ Frame 7EE3 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 7EE3 		0
0
sync
ups.analytics.yahoo.com/ups/58292/ Frame 7EE3 		0
0
C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7EE3 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7EE3 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7EE3 		0
0
cs
ad.turn.com/r/ Frame 7EE3 		0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 7EE3 		0
0
apn
ads.playground.xyz/usersync/ Frame 7EE3 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		0
0
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
khaos.json
token.rubiconproject.com/ Frame 2D7D 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 7EE3 		0
0
adplayer_privacy.sjs
imagesrv.adition.com/js/adplayer/ Frame 814E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 814E 		0
0
generate_204
tpc.googlesyndication.com/ Frame 58BE 		0
0
cshow.php
www.awin1.com/ Frame 4C50 		0
0
cshow.php
www.awin1.com/ Frame 8B65 		0
0
request_content.php
hal900026.redintelligence.net/ Frame 8C8A 		0
0
cshow.php
www.awin1.com/ Frame 4E58 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E09D 		0
0
truncated
/ Frame 4E58 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b9ee904c1241bcca8bbaf19e95f3087ca9a2e85fb3a5ffc7c038a8ae9aefb35

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame FDCB 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 7EE3 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E58 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 37EC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1dc5d8f6bac9baf1984e8150b42af527.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1dc5d8f6bac9baf1984e8150b42af527.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9d4e5227cdf0d0b5578970a34707c831.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ba1f660f44b5931935dc7b36cd58c21e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/530930b9f9b51f70c9bb636b9d9810d0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/8be601b31d814223b5e000c61c6d472e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/2cc24dc2688f4dd452d02d774e3bdee5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/c38345dbc0703949cd680e0cdb542137.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/65cf89826caee312701ad3a998e5feef.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/b1ad12c25d0ba1ea81c996d2a66ec2de.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/15b769bff042bc60cb87e76e3ccf8b9e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/51d94f19a2b6ed48e781e17f0087c025.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/c5602d9b70c481ecd5a7d08bdc64ff18.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f1cb25a3aeee8a7bdff33891289f4a8c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/18a2f0234a530e8d4f57614cd695e23b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5dec899bb48f567340fe6750eb50042c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ef0d322a5ce0a5b986048d81f0556696.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7612196309399d6869387afcefa35059.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/4843e3bbef1d0a0713faad8ff3aa5bd9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7ccdd9e8a932a0e11107926d7fdf6893.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f4625643e46d251a850911015d3b9889.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c8ea24c37c7d9cf6dfbdd3fc5ec9a949.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/2092c18465e675c85c32d75738dc98cc.jpg?w=150&h=100&q=100
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=7ba4b61c-f39a-4f73-bc21-2653678d182b%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%9F%A5%E4%B8%89%E4%B8%AD%E6%A1%88%E9%80%B2%E9%BB%A8%E4%B8%AD%E5%A4%AE%E6%8A%84%E7%B4%80%E9%8C%84%EF%BC%9F%E5%8C%97%E6%AA%A2%EF%BC%9A%E6%87%89%E5%9C%8B%E6%B0%91%E9%BB%A8%E4%B9%8B%E8%AB%8B%E8%80%8C%E5%89%8D%E5%BE%80&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=517bd037-aa62-4cce-94ec-25248e1994cd%3B7b829d85-322d-4e6f-9da4-e265bf0a5f5a&l_pb_bid_id=413fff5df3a637f%3B426dd5a248ec52e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=517bd037-aa62-4cce-94ec-25248e1994cd%3B7b829d85-322d-4e6f-9da4-e265bf0a5f5a&rp_maxbids=1&slots=2&rand=0.224775023268726
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=843742890580034&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FZ5S3thgBG_relGoQP7RBZw%3A1696364458%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F976D623-F568-4E23-BFD4-3B342CAD6190&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=1696360864704&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&scor=3894575214509737&ged=ve4_td17_er741.400.742.800_vi0.0.1200.1600_vp100_ts1_eb24168
Domain
adx3.adform.net
URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=843742890580034&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FZ5S3thgBG_relGoQP7RBZw%3A1696364458%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F976D623-F568-4E23-BFD4-3B342CAD6190&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=1696360864709&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&scor=3894575214509737&ged=ve4_td17_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=843742890580034&cust_params=mt_fln%3D1.8&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FZ5S3thgBG_relGoQP7RBZw%3A1696364458%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F976D623-F568-4E23-BFD4-3B342CAD6190&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=1696360864712&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&scor=3894575214509737&ged=ve4_td17_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=843742890580034&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FZ5S3thgBG_relGoQP7RBZw%3A1696364458%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F976D623-F568-4E23-BFD4-3B342CAD6190&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=1696360864716&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&scor=3894575214509737&ged=ve4_td17_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=843742890580034&cust_params=mt_fln%3D1.3&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FZ5S3thgBG_relGoQP7RBZw%3A1696364458%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F976D623-F568-4E23-BFD4-3B342CAD6190&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=1696360864719&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&scor=3894575214509737&ged=ve4_td17_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=843742890580034&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FZ5S3thgBG_relGoQP7RBZw%3A1696364458%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=F976D623-F568-4E23-BFD4-3B342CAD6190&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcha-san-zhong-an-jin-dang-zhong-yang-chao-ji-lu-bei-jian-ying-guo-min-dang-zhi-qing-er-qian-wang.html&dt=1696360864722&cookie=ID%3D3acf2355195d5cb3%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MZ3EEz7A6yT_Ngm4EJ2sBv1n87ZFQ&gpic=UID%3D00000c8bb21278d6%3AT%3D1696360856%3ART%3D1696360856%3AS%3DALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw&scor=3894575214509737&ged=ve4_td17_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-0fc48e17-89b8-382e-b8ba-b992b8f39d5f&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wZmM0OGUxNy04OWI4LTM4MmUtYjhiYS1iOTkyYjhmMzlkNWYyAh8iOAI=&gdpr=&gdpr_consent=&us_privacy=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=321&uid=RX-37428463-7522-4c7d-83d8-95f30e729ae8-003
Domain
am-wf.taboola.com
URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696360866014&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1558&pt=-522233600&tz=120&viewable=true&ddast=V8fiQCLAaM5FojXhyhWxMYybVGvDhCty4AAABgYID-AEkuhruVx7dZK2cji1u0mS3cCsfM49bNJpvFxmMYLjfLISDJxXC38vg2a-VsZHGLNrOFW-GYedy62WSz2HgMw-VmOQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8GqPDrXnY3dKj3-5zK-xuqdPuFjnsPrf06Lf73MqH3efWGB1-t9TpFrveEpfTLXU67G7l0-5z61x_t9ppd4scdp9benS6FU-7z62yvBVPh92te9h9dqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45EIzR4fYHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPobg03INeqOUohApACzCCAAAAIBn7RvRkUk6QcWiyv__f78VgCsAAAGK9vx4vll0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyPEgyuVJuiAK0XNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wGJlXGwWU48JttuNxqMjMOZY-OamAwry2TjcngW3oNXtVHtPDwi3GdDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjGPCaPaWMzuVXD2WgtWi4Ma4VxtlkLhsPlxuFyzGYuk1v0-pg-jtXK5thtkWAA4F4kT4t0Its4DCOTczSymRwj52bjWtkME5trNrEsLBbfYjQRSzQni3Qiu-wbK-Ngs5x4TLbdbjQYGYczx8Y1MRlWlsnG5fAs_DWPyWPa2Exu1XA2WouWC8NaYZxt1oLhcLlxuByzmcvkFr0-po9jtbI5dvvGbDnbzAbD1WrfmC1nm9lguFrtO3SG7-pzNirLKslH5eyOE5ftzWlQuAwW70t9Og8LxoJ62jk6VQ6Zsrsz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_G6HBrHna39Oi3-9wKu1vqtLtFDrvPLT367T638mH3uTVGh98tdbrFrrfE5XRLnQ67W_m0-9w619-tdtrdIofd55YenW7F0-5zqyxvxdNhd-sedp9daHqbLWKJ4HSRTkQv4-mi_iOHWA3niuFirlgs5rLhKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gS0R3H_____4wAAAMjIoQcAAEC_DygLAAAAAACAX0FMJpvh_gGoEGu1Wt1urNVqBSyQ5WgwmsD___9_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=aatest_vA!adxLoadDist7-out_vB!esv_vC!mprdct01val_vB!nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=30&uid=0880f86d-8537-4015-9abc-b23c27dc500b&gdpr=&gdpr_consent=&us_privacy=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vWYH_WdE2oNVAboIVDpu3Zz.bUOLRIQDgVSuQE3l~A
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmdnRDFJZS1KVnRUeG1LWDl6TVFwc3l6Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGZnZ0QxSWUtSlZ0VHhtS1g5ek1RcHN5emciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=491f0bfe-72ef-4f92-8107-8dc48d785888&ssp=gumgum2&bsw_param=0880f86d-8537-4015-9abc-b23c27dc500b
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&obuid=ENC(629oJu96lJ4NOqMYFzzwMr7iEoj3mp2C9LJ1_5Eqx0cIVs7OSpJ0hCMHaAaaqbAI)&gdpr=0
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=cg5K0YeePjdXt5JYe138&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3HGVFTAWLFMVIGUZCYOQ2UUWLFGEZTQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
ad.360yield.com
URL
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=NHwzD3SaqyXD&ev=1&pid=558355
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=atm&i=ZRxpqwAAAcXj6wA_&gdpr=0&gdpr_consent=&_test=ZRxpqwAAAcXj6wA_
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5WjSo1R2QZS3I2ZgoXcZoA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5BUEdJOEctOC1WTFc=&google_push=
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=u1nmypqKRhGdMJdUCE381w
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AUnB5TdE2oKVgzsqTR4QLslYe7RjdaxX37I16Q--~A
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
Domain
live.primis.tech
URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAPGI8G-8-VLW
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=37556&a=1
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=26594
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=TRzXViOTUS1rMEklYY4qvp61b0Q
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1918927419
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=ZRxprMCo8XgAAB9MBacAAAAA
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=323&uid=LNAPGI8G-8-VLW
Domain
code.createjs.com
URL
https://code.createjs.com/1.0.0/createjs.min.js
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESED-RMhVfXFnxlIqWh9v7yBE&google_cver=1&google_push=AXcoOmSfUDzqMROjSdNnoNck2uOADBb-sfbj8Vxkd59apgXiUHmAom4YXBMn05ACNEnLOcEw6tmIgCsn5lUMbWoaoTK8N-ioL1Q
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAzMjQ1MDExNjU5NjI0MzQ1&google_push=AXcoOmT3-Cl3_SL-JAPaHfx0a2ooccoZveptlSSFRdwbgyyPIQZbKzokBl1op-cEF2dSmIAijStr7OuUioPAm29vAhjKK9wdH2Wz
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTNigDkFkW2sOA8lGth6xX2DaQEKpCeO3VAffpV2e8tFmpfyhIdwV6VjlalLbd6n9k3OVKOdnPXBGp9VLW7FWb3-IGvHupr&google_hm=OxlcsZvtjV-bH8eCK_urTA==
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELvb9EPtElCOKLTTL8Ysj8U&google_cver=1&google_push=AXcoOmTK31XI3A1pvi1n5viXRKFptJUsPRuwdx7IpQcZv8_GS3MXobOjsDDi-_HSH4sXjRYC8kZzE8l8NPWxf2NnI4LfmhVm8WfD
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRrvjEId5tsh7-vfu7c6_I4y6dkLi1JGEvrpJMZ3gvCfFsiiw7KC2z1oESdybJlHWx3ySXYuErIibyvDMGSx2YfcF_tt2vB%26google_hm%3D%5BUID%5D&google_gid=CAESEN7hQDA1Gg9XVku1X0rjzDs&google_cver=1
Domain
google.partners.tremorhub.com
URL
https://google.partners.tremorhub.com/sync?UIDF=CAESEPDlh2RFdV1f8Fzj3vl_Sq0&google_cver=1&google_push=AXcoOmTnDONVzdrdzbAELHCOnyYjnd9sXhi7JpO0Mlad4DfKOb-FxPqIPvajwqnixXGV_QNf-MylJmdiieLC4JYVJxA41Ez4Jfo
Domain
sync.teads.tv
URL
https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKPW16HwYWc_1Ub98KuUO4Y&google_cver=1&google_push=AXcoOmQAqa8EijvinRqRYIrDU2vjl8nC7s3L_-PvVD-7_mS-wErN3IJ0gBRbBzEATXVW2rEDtf-WNnBHU1PWz94lzYQOcNY1Rnfenw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWLkfN7ZrjcrntDqI2qtUSlLXOj9ISakzMxJkXW84ocjtHgBA1W8bFZtqWjadDT_ikZClsRQ
Domain
agent.aralego.com
URL
https://agent.aralego.com/sdk
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE&redir=true&gdpr=0&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=316&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xdf2UcTKRLurYXkc8Jq7vg%3D%3D&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE&gdpr=0&gdpr_consent=
Domain
cr.frontend.weborama.fr
URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE&redir=true&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C5D7F651-C4CA-44BB-AB61-791CF09ABBBE?gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.json?khaos=LNAPGI8G-8-VLW
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27466582&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
imagesrv.adition.com
URL
https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7285814433103874828&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKaiXtsdfseTmYGWKHwdRH4DFr6URTqrsc6QWtOkZs7PVCsokm8tFcY6_qIUYwnO3qDBP9C0BvQKRCtUkygar-wBlMbdS9dpoiuZPUv4eFySlLPb14nXhTPzgPVI5Y&sai=AMfl-YQ3E8Rc8vmzigAJBawPTqNn-kS03PhYtidP9Dqd2Mg34ET8fhhOd2_L8_d3T53QdvK3dYThUouh4tF-4K1gnKumHiS5QgTn2Fg7K1BDmm6qwF0udy7Ucap5DN8&sig=Cg0ArKJSzDCfU5fNL3gYEAE&cid=CAQSOwDICaaNjvuhbjuQ7cOPjfGt1IFwpTYEDlFdsCZFjUrHGanKjoDzDD7pk3JhWRY3HgJbMdETYtstsiozGAE&id=lidar2&mcvt=1080&p=1110,436,1200,1164&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696360861539&rpt=14331&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?UmAk5A
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=10444100160732304438270012466026&pv=1
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=10444100160732304438270012466026&pv=1
Domain
hal900026.redintelligence.net
URL
https://hal900026.redintelligence.net/request_content.php?s=10444100160732304438270012466026&a=c132cf0d
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=10444100160732304438270012466026&pv=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=2044665408255078&bg=!uLulu_TNAAYEJRtnJCU7ADQBe5WfOBeKCY3jne-inGooNLedtn_3ntIwFh9xz9bycFt9StZWMRBGIkQWsYe-NDodjMPFAgAAA8VSAAAAEmgBB5kCwybLxjxMYFapagO0VX3Hw4x8aHGEIVucZAlEIN2r7uWIvNjdkdoY9wJZcamhPAFDP7J8vSaxMsMEj7DLCli1iH7R4f3fHcMVS9pejXge9fwEo4umEbo3b1SyF6btmWOP-_6ws4vmF7rY9_-OCwd7HXRuiAhPQop0sN8bpuhdplvrqAH0fAx8hvmjEzNb-_NkpTpeINM3YVFoBB2X8ksDEsJJfC8SKC2WokwvI28SOExhfBzaJNvmN9dOk-YF5HLJUUGsEu9hMgtvl5vj1-crMtMuQQatEsefUhxuH5yFUNpCyO8KANKUDnrILh4z6IooLXNmR4eTgrVgfdJ5PqvRlSRfp_W4Zrlf2W7MkcZMhnbRQgmA9Fm92d4GbzWjcju4Nu88IC-xkPKB50GWgbodfySrwT4T3VEnXnXzx9QeealcozMUTYW1Xo2F96fRk4gFkdhVht_KBL5fqHKOHGpVxRhGupycZ9VAIXKS0L5dvHRKhcjdVUXcoQMecWB4fEfYUCJB3JecD6mpnTZe37VNLnJFjgmw5Rzcg7zXBTUniGS-MPW8E5-IocN5V8WppnpzFfeiqP83WrGJponGXYXMy7nVOClx7JHOe008Ttt9eNraxnDBrTug3bD33AiNOwe0MS7E57AF7AW9HNscWh3LP7M2MuAp_7j_FGtva28me9bJzlU-iO9fnWrUnuRYNwXfwiG26jmaUDF-1OGtQhgPDyW9Ngr6gcvPdJeyFJfzZKoGSmGbcr1c53Zjnrc2PDDGYY8obmF8A96ALevCBA-mQrWb7GmJlOFu7LscXOiTsJdX7gCYjISA-tCsbKLpGFi1RsIlds7_8gBlJHfgLbbWJAjnHZwmUsoLWD-X5FtETeTmZHvCF1dMBwt7sCLDXcpt25fSD0uGOnrlOhVEpLl3Lc0hzcjSBRxSDUbxkD5hoqD2YshS
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk3Zl5Bl-gQr5OUY1ZqA56hsZD5nex7VSxznCAPQ6ODw7wmJxWAIIQjnuK9SUjCuHRslAioa_af1lIF9MCFjVxiXmNQ8Y42P0qABGB4In5lyYuBr6yZIIrl3MGQ_gh&sai=AMfl-YQ8x65n2cNxNU97nZ8DurPEBSG3Ij-y_UoenMlt04q7tCBHgPC3BaAKTxrLtoK9O5cQf4LtB14rgdcFxbpiHJ50-_9JDe7JCIMOmqG7_h76xRUhB2SgDkljAqs&sig=Cg0ArKJSzGsDK9Op6Js_EAE&cid=CAQSOwDICaaNdr12Z9_UrP-_5_JBdLQXn1IMoggA1qYXpMbO6d6v2mLQ7pGYbT_rh5drtNYnQ0CkIJsRgH7uGAE&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696360861515&rpt=16174&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40920481&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _statcounter function| setImmediate function| clearImmediate object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| TRC function| _typeof object| _tblConsole undefined| msg object| adRecover object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing number| google_unique_id undefined| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| google_reactive_ads_global_state function| runAnimCheck string| nam object| placementData object| aries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ucf object| request string| paramsString number| vidverto object| regeneratorRuntime object| aries_registry boolean| noPreviewPage object| cmTag function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| _cm_wfCounters string| lastWfUrl function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _aries function| startCMTagMain string| category function| quantserve function| __qc object| ezt object| _qoptions object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| inViewWindow function| shuffle object| entertainment object| arrToUse object| playlist object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| OvaMediaPlayer object| vidvertoPromiseCache object| closure_lm_878439 function| VidvertoPlayerVideoPlaylistUI object| google_ad_modifications object| google_prev_clients object| closure_lm_709559

133 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1696360851.48D3BB29BEED4FDC146B627280EA84FC.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1696360851.0
.statcounter.com/ Name: is_visitor_unique
Value: 1696360851389561029
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1696360854.1.0.1696360854.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1308101982.1696360855
www.bg3.co/ Name: __AP_SESSION__
Value: e8ff9382-30d3-4d67-8376-7ac094ae999f
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dfcdc4cfd-5864-49a0-a863-0889cae16fed-tuctc15ef17
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 7ba4b61c-f39a-4f73-bc21-2653678d182b
.doubleclick.net/ Name: IDE
Value: AHWqTUlfEExxoQDVRw2aF0Z2eRs7utyZaG-AsC2tsHrdho5bMjAOiqFG7Ph7FQPPnRk
.bg3.co/ Name: __gpi
Value: UID=00000c8bb21278d6:T=1696360856:RT=1696360856:S=ALNI_MY0VfXW2RH3Ti4jnxh10ekb9V07Iw
.omnitagjs.com/ Name: ayl_visitor
Value: cbb63d112b2b132fdce6b1ff7b32a15f
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwmtPxqAY4AUABSAEQmtPxqAYYAA..
.adnxs.com/ Name: uuid2
Value: 211986550558328471
.prebid.a-mo.net/ Name: __amc
Value: 1_1696360858_1696360858
ad.vidverto.io/ Name: moxuuid
Value: 4cce4a08-7398-48dd-8b11-2764ddfd7d1f
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1696447258
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1696447258
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1696447258
.teads.tv/ Name: tt_viewer
Value: 93cc7b7a-f3a4-41f7-b8e6-7296a779bb35
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1696360860.1.0.1696360860.0.0.0
.aralego.com/ Name: sspid
Value: 963a1a30-1217-3d49-82f2-83d501b0fb73
.bidswitch.net/ Name: c
Value: 1696360861
a4p.adpartner.pro/ Name: apuid
Value: 93bb3337-3699-4427-8ef8-c517b1e12584
.bidswitch.net/ Name: tuuid
Value: 0880f86d-8537-4015-9abc-b23c27dc500b
.ads.stickyadstv.com/ Name: UID
Value: 6a7cae5ade1336596d1a0f1be6d1b16
.yahoo.com/ Name: A3
Value: d=AQABBJ1pHGUCEBjmbZAXMEuJMfA6FeAmgBsFEgEBAQG7HWUmZbti0CMA_eMAAA&S=AQAAAvca_3sPkLwe3UNm64FCeEQ
.smartadserver.com/ Name: pid
Value: 5294539708228200926
.rubiconproject.com/ Name: khaos
Value: LNAPGI8G-8-VLW
.bidswitch.net/ Name: tuuid_lu
Value: 1696360862
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C5D7F651-C4CA-44BB-AB61-791CF09ABBBE
.aralego.com/ Name: euconsent-v2
Value:
.adfarm1.adition.com/ Name: UserID1
Value: 7285814428801109002
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-03T19%3A21%3A03%22%7D
.openx.net/ Name: i
Value: 37e3e9d4-9bec-0b86-27bd-43dd9cc5a20b|1696360864
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzsrS0MLQAEhbGQnyGuv45pYHuyUbGHuXZOQCDDgHAJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzsrS0MLQAEhbGQnyGuv45pYHuyUbGHuXZOQCDDgHAJQAAAA
.quantserve.com/ Name: mc
Value: 651c69a0-8b353-7aaab-eb5f5
.bg3.co/ Name: __qca
Value: P0-852023121-1696360862137
.openx.net/ Name: pd
Value: v2|1696360864|gen0vNvQiygu
.adfarm1.adition.com/ Name: lv_5626024
Value: w=4787112|t=1696360864
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2e9v:198o~2e9v"
.casalemedia.com/ Name: CMPS
Value: 3214
.quantserve.com/ Name: d
Value: EKwBDAGMKoqsMA
.servenobid.com/ Name: pid_318
Value: EtvRvymp3QEiT1UU0Jnrn9pBSfYCUC9TYoZV6iui6aA
.servenobid.com/ Name: pid_337
Value: y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
.servenobid.com/ Name: pid_339
Value: y-lMUAYLJE2uEZ8LcQFJ1pprb26ENDVpT.q1EWWkI-~A
.servenobid.com/ Name: pid_324
Value: 5109685629981899883
.servenobid.com/ Name: pid_312
Value: 211986550558328471
.onetag-sys.com/ Name: OTP
Value: KFAt-fAXH2h4vyAc6KacI1crTg-TU-dUu96Z8bdKJsE
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZRxpoeBwz12u3Pl-F0pnQQAADI4AAAAB
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 26f07d88-8d78-5214-9f1d-135efa017af6
.betweendigital.com/ Name: ss
Value: 1
.servenobid.com/ Name: pid_333
Value: ZRxpoCfB8eKs5WwsbV25uwAADHgAAAIB
.gumgum.com/ Name: vst
Value: e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMID
Value: ZRxpoeBwz12u3Pl.F0pnQQAA
.casalemedia.com/ Name: CMPRO
Value: 3214
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.us.ck-ie.com/ Name: CID
Value: 3ca8ac0b8a7c693389edb37ddd070e20dd7ce7f0
.bg3.co/ Name: __gads
Value: ID=3acf2355195d5cb3-22508c562bdf0081:T=1696360856:RT=1696360872:S=ALNI_MbPVr_jat86_JkHt5S3RVA-S-OYfw
.go.sonobi.com/ Name: __uis
Value: 667fe56d-a50e-4a6f-84d1-93784b211979
.go.sonobi.com/ Name: HAPLB8G
Value: s85193|ZRxpq
.minutemedia-prebid.com/ Name: wrvUserID
Value: Xmeprmj-C_mm
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-0fc48e17-89b8-382e-b8ba-b992b8f39d5f
.yellowblue.io/ Name: wrvUserID
Value: 5CAp9m0zkj_s
.servenobid.com/ Name: pid_317
Value: 5294539708228200926
.betweendigital.com/ Name: ut
Value: ZRxpqQABDYiGFYGEuhfX8g1fSysTXB4eLa97dw==
.richaudience.com/ Name: pdid
Value: eb197b38-db9e-4dad-b675-1zz1696360863
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFps46a5rBt2Fs37Hth5lo0&KRTB&23025-CAESEFps46a5rBt2Fs37Hth5lo0&KRTB&23386-CAESEFps46a5rBt2Fs37Hth5lo0
.pubmatic.com/ Name: PugT
Value: 1696360873
.company-target.com/ Name: tuuid
Value: a600b949-7327-4513-8dd1-922136e21521
.company-target.com/ Name: tuuid_lu
Value: 1696360873|ix:0
.adfarm1.adition.com/ Name: lv_5609187
Value: w=4389191|t=1696360872
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_332
Value: 667fe56d-a50e-4a6f-84d1-93784b211979
.servenobid.com/ Name: pid_348
Value: Xmeprmj-C_mm
.servenobid.com/ Name: pid_352
Value: 5CAp9m0zkj_s
.adform.net/ Name: uid
Value: 103245011659624345
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.3lift.com/ Name: tluid
Value: 295918812076127404041
.smilewanted.com/ Name: sw_user_params_infos
Value: qcIT7jIBiPgGK51e9FDf6LXVNIOCS6EjKUC4Gt7yaTyIGfTd1LIC4ZDPNHnXrGqY634hMUybZRx%2Bp5e4uBz2nrV%2BU1brCP%2BWEsLuZDmC4C6Oxs82z4PQE3Uor38zDwQbdbK1LKuAZ%2FxlhClBE3WwvLFsfvMZTL8rlXiNPrqwA4zrDmhxtC5vx2BCPJXbgMNNW5s9JFkvqRPnlh14sbEoChavj9I1KcXdLMHDP7YEoKN0HQotwr42%2BIpwFLziKI81qQMaJe6YoMFrxBgJzE7GFv9S8daOmjt1RePR7bbzsmFVZUG7KQTfhJi0KXBAdfSa
.demdex.net/ Name: demdex
Value: 29404757350160995802718750793769854415
.adotmob.com/ Name: uid
Value: 09a2220400eb80faac41390a
.adotmob.com/ Name: uuid
Value: 09a2220400eb80faac41390a
.adotmob.com/ Name: partners
Value: IX%3A1696360875773
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_81db2243-eac7-47cc-a98e-849465c417ee
.pubmatic.com/ Name: DPSync3
Value: 1697500800%3A245_241_235_201
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: c9ea412980e545f9
.sportradarserving.com/ Name: zuuid
Value: 1560a79f-dd75-4ecf-891f-924f2409b3d1
.sportradarserving.com/ Name: c
Value: 1696360875
.turn.com/ Name: uid
Value: 8917603210396078727
.pubmatic.com/ Name: SyncRTB3
Value: 1697500800%3A220_21_13
.pubmatic.com/ Name: ipc
Value: 0^^2^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.creativecdn.com/ Name: u
Value: lYArsujLej77SoRkDdQC
.creativecdn.com/ Name: ts
Value: 1696360875
.criteo.com/ Name: uid
Value: 8f7131a5-7da0-4a0e-a20f-6ea933cbf478
.fwmrm.net/ Name: _uid
Value: uml1229_7286384391552095810
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmlmbGZgYW5qYWi6igXONzMxMTM-JY7EtzAyAwDEV3yFMAAAAA
.outbrain.com/ Name: obuid
Value: b2bf07e9-29ce-4853-be0b-bf5268ae2fae
.shb-sync.com/ Name: smart_usr
Value: db344fbb-7dc6-443d-9c2d-42e7a69de0be
.shb-sync.com/ Name: smart_r
Value: 32095
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRxpqwAAAcXj6wA_
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4d1cd756-2393-512d-6b30-4925618e2abe.SIyEQdRbKAUvyT1i8cD2Un0U9GxZBkgVStb9O2TXS78
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4d1cd756-2393-512d-6b30-4925618e2abe.SIyEQdRbKAUvyT1i8cD2Un0U9GxZBkgVStb9O2TXS78
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATRzXViOTUS1rMEklYY4qvp61b0Q.GrE9SGf8fREynfF4xjMjCp0bg%2BjBujjGngrtHZs6kSg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATRzXViOTUS1rMEklYY4qvp61b0Q.GrE9SGf8fREynfF4xjMjCp0bg%2BjBujjGngrtHZs6kSg
.ipredictive.com/ Name: cu
Value: ee6af653-2be4-4d10-9b92-abb15c773ce7|1696360875993
.audrte.com/ Name: arcki2
Value: fggD1Ie-JVtTxmKX9zMQpsyzg!20220908!1696360875994!ip#158.181.111.68
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPVFmqetZBQUwyQWLWPZFsXh7WWCLMSirIS0YG_-fe3jEAEYAyCr0_GoBjABOgTwi70wQgTU5QST.hA4F4PUf%2Fn2UauOqxy97Jy8c2tZVdFemKrnuBPMOcIM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPVFmqetZBQUwyQWLWPZFsXh7WWCLMSirIS0YG_-fe3jEAEYAyCr0_GoBjABOgTwi70wQgTU5QST.hA4F4PUf%2Fn2UauOqxy97Jy8c2tZVdFemKrnuBPMOcIM
.amazon-adsystem.com/ Name: ad-id
Value: A1ni26JohkNUqRSezCJhayg
.dpm.demdex.net/ Name: dpm
Value: 29404757350160995802718750793769854415
.sportradarserving.com/ Name: zuuid_lu
Value: 1696360876
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1696360876
.adnxs.com/ Name: anj
Value: dTM7k!M40DDunaTF']wIg2E>3l$MzU!]tbP6j2F-.aDHYByFV-hhACicyrNZC1ZH'gY9^)h2p!>kLd?p*g0D(''a(!
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxOQVBHSThHLTgtVkxXIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDFUMTk6MjE6MTZaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTAtMDNUMTk6MjE6MTZaIn0=
.metadsp.co.uk/ Name: ruuid
Value: 491f0bfe-72ef-4f92-8107-8dc48d785888
.metadsp.co.uk/ Name: c
Value: 1696360876
.metadsp.co.uk/ Name: ruuid_lu
Value: 1696360876
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: uml1229_7286384391552095810
.ads.stickyadstv.com/ Name: MRM_UID
Value: uml1229_7286384391552095810
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-37428463-7522-4c7d-83d8-95f30e729ae8-003%22%2C%22zdxidn%22%3A%222013%22%2C%22nxtrdr%22%3Afalse%7D
.richaudience.com/ Name: avcid-bsw-uid
Value: 0880f86d-8537-4015-9abc-b23c27dc500b
.bidr.io/ Name: checkForPermission
Value: ok
.ads.pubmatic.com/ Name: KCCH
Value: YES
.rubiconproject.com/ Name: audit
Value: 1|APDLhc8Y0jvyfvj7fbdncJixmNP424XMWNEJb0O4R7bMK7WYIBFyq3/bev7DaYTCmOzE8QEc+cBYuqoIiPk057iLOlCEhdvdNfaAmrCZjqATU8IShkLyrdES+wzatrvcSZxjaBSpj0PLvHdptJ5vLY5T+h5HtLU9

46 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/ba1f660f44b5931935dc7b36cd58c21e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9d4e5227cdf0d0b5578970a34707c831.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/c38345dbc0703949cd680e0cdb542137.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/8be601b31d814223b5e000c61c6d472e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1dc5d8f6bac9baf1984e8150b42af527.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/b1ad12c25d0ba1ea81c996d2a66ec2de.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1dc5d8f6bac9baf1984e8150b42af527.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/65cf89826caee312701ad3a998e5feef.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/530930b9f9b51f70c9bb636b9d9810d0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/2cc24dc2688f4dd452d02d774e3bdee5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/51d94f19a2b6ed48e781e17f0087c025.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/15b769bff042bc60cb87e76e3ccf8b9e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/c5602d9b70c481ecd5a7d08bdc64ff18.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/18a2f0234a530e8d4f57614cd695e23b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f4625643e46d251a850911015d3b9889.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/4843e3bbef1d0a0713faad8ff3aa5bd9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ef0d322a5ce0a5b986048d81f0556696.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5dec899bb48f567340fe6750eb50042c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c8ea24c37c7d9cf6dfbdd3fc5ec9a949.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7ccdd9e8a932a0e11107926d7fdf6893.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7612196309399d6869387afcefa35059.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f1cb25a3aeee8a7bdff33891289f4a8c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/2092c18465e675c85c32d75738dc98cc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvY2hhLXNhbi16aG9uZy1hbi1qaW4tZGFuZy16aG9uZy15YW5nLWNoYW8tamktbHUtYmVpLWppYW4teWluZy1ndW8tbWluLWRhbmctemhpLXFpbmctZXItcWlhbi13YW5nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ad.vidverto.io/delivery/v2/sync?userid=4cce4a08-7398-48dd-8b11-2764ddfd7d1f&p_id=23
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ad.mox.tv/delivery/v2/sync?userid=8Dpm8aWOG49Z3w1sOOqsRXKJ15stzVNLb8k4X3tQJRs&p_id=5
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ad.vidver.to/delivery/v2/sync?userid=0880f86d-8537-4015-9abc-b23c27dc500b&p_id=15
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5D7F651-C4CA-44BB-AB61-791CF09ABBBE&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5953a25d-0aec-4d85-a6ee-fc70e2f0981d&obuid=ENC(629oJu96lJ4NOqMYFzzwMr7iEoj3mp2C9LJ1_5Eqx0cIVs7OSpJ0hCMHaAaaqbAI)&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://google.partners.tremorhub.com/sync?UIDF=CAESEPDlh2RFdV1f8Fzj3vl_Sq0&google_cver=1&google_push=AXcoOmTnDONVzdrdzbAELHCOnyYjnd9sXhi7JpO0Mlad4DfKOb-FxPqIPvajwqnixXGV_QNf-MylJmdiieLC4JYVJxA41Ez4Jfo
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=10444100160732304438270012466026&pv=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xy_n8C1E2oVj8mmJeCRwrJLEWvYvcX1DFYZwcRQ-~A&redirect=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNAPGI8G-8-VLW
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://stags.bluekai.com/site/23178?id=cg5K0YeePjdXt5JYe138&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Y3HGVFTAWLFMVIGUZCYOQ2UUWLFGEZTQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b037867f54240d886bf366ee20ebcaa.safeframe.googlesyndication.com
8bba9bc6dbc9cbafd4e27a23ef8230e5.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mox.tv
ad.mrtnsvr.com
ad.sitemaji.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adx.holmesmind.com
adx3.adform.net
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
bidder.criteo.com
bttrack.com
c.statcounter.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900026.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
il-trc-events.taboola.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imagesrv.adition.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.awin1.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
agent.aralego.com
am-wf.taboola.com
c1.adform.net
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
core.iprom.net
cr.frontend.weborama.fr
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
google.partners.tremorhub.com
green.erne.co
gum.criteo.com
hal900026.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
imagesrv.adition.com
imasdk.googleapis.com
ipac.ctnsnet.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
s.amazon-adsystem.com
simage2.pubmatic.com
simage4.pubmatic.com
stags.bluekai.com
static.bg3.co
sync-tm.everesttech.net
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
usersync.gumgum.com
www.awin1.com
x.bidswitch.net
103.231.174.251
104.16.89.20
104.18.24.18
104.18.26.193
104.18.27.193
104.20.219.77
104.22.69.131
104.26.4.103
104.79.25.60
104.79.89.16
13.107.42.14
138.201.84.244
141.226.224.32
141.226.228.48
142.250.184.230
142.250.185.161
142.250.185.194
142.250.185.74
142.250.186.170
142.250.186.36
142.250.186.40
142.250.74.194
142.251.43.131
147.75.84.158
151.101.130.137
151.101.65.44
152.199.21.70
162.19.138.118
162.210.196.208
167.235.114.248
172.217.16.130
172.217.16.194
172.217.18.1
172.217.23.102
175.110.113.203
178.250.1.11
178.250.1.9
178.250.7.10
178.250.7.2
178.63.52.121
18.156.139.59
18.194.23.131
18.214.104.9
18.66.147.40
18.66.26.40
18.66.97.31
184.30.20.22
184.30.22.30
185.106.33.48
185.180.220.208
185.184.8.90
185.255.84.150
185.255.84.152
185.29.132.245
185.64.191.210
185.86.138.151
185.86.138.154
188.42.34.64
190.2.150.148
190.2.151.10
192.132.33.68
192.96.203.13
193.0.160.131
193.108.153.21
198.47.127.18
198.47.127.19
2.19.104.211
216.239.34.36
216.52.2.30
216.58.206.33
216.58.206.34
216.58.212.131
217.79.188.21
217.79.188.46
217.79.188.60
23.211.9.91
23.97.225.52
3.120.69.56
3.124.160.8
3.233.155.192
3.33.220.150
3.66.141.122
3.75.62.37
34.120.63.153
34.250.19.175
34.96.71.22
34.98.64.218
35.186.215.140
35.186.253.211
35.204.158.49
35.244.174.68
37.157.2.228
37.157.6.233
37.252.171.85
45.137.176.88
46.228.164.11
46.228.174.117
51.89.9.253
52.208.254.204
52.21.252.242
52.210.15.1
52.210.204.82
52.213.151.23
52.46.130.91
52.5.118.137
54.38.197.123
54.72.115.16
67.220.226.238
69.166.1.34
69.173.144.137
69.173.144.138
69.173.144.165
76.223.111.18
77.245.57.72
8.18.47.7
8.2.108.175
91.228.74.200
95.101.196.17
99.86.4.102
01bb7f1459cb1ca872a96ae3f39703a771b599a2690d60ae83b4f361c5c56349
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
079b184279ccac0f38209131164c312234c0067ba99495e224bcc7fa1dc3c315
0a9a0b4f709c3e13dc8e7457a389518bcb2f697ee2791a72cae9b9f10e1808dc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ee904c1241bcca8bbaf19e95f3087ca9a2e85fb3a5ffc7c038a8ae9aefb35
0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72
10224c0939694d1b912416a4223f61cec7daa6aea1ef040c6542c4a0fb0756b5
1058cdfa38c45f034e6a9672f95620fe705d6e5587d4573626ad01ff252038a5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807
139936a350a34977bc853dccfe8df5f0f954d8bea92902d8ff3c4419ea6cc900
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
151db682b64cb51ed4b8e6e584291a7c70f7a89bdab24460c3120f9349b81438
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
193b202de74c47433bb12e2e32b71a195bf8faed81ee8f40effb47e0bc25a525
1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
221f0678326e4d2d03984af7eaf88a0ae3f6bac7264209da40b3d206cdd26ade
237e69271ebcde605907b6671298abdbd000827e613ea11113c74e9db3856a70
24495617e32afc7cb4049c257ffd29b48c5fcf90af5601236244f9bacd7683dd
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f06e995e4dc83d1edb761524da0dcf7bd79b0cd59a575850194b66c3a61796f
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
30d4b5c37756882cba7485ed2fb9aa7584706169e009301a994501fe42d79759
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
353de71f11f6a7d87156600447bf39c4bddfb8d06a54dc7d571bf1a8ec8fb168
3587200da9e152034fcd0997143f766c1653a3de088fa564f590ce1fc8966ff2
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37bdaa64522184e5645d484dafe560e36977daf6956bf66c38540bed7d5b9654
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4059a11408bfcad3bff05e2c3af1be2be3118b339b6122b292aaadca3c1aaefb
40773d3960abc50e66a2683ba0b3dd0637638378aa31e00da86b4735ccd0ec27
40c2dda7f80a37363f89d43724bb2c00820758060ac342f66d1689be7737040f
416d3d07baec7b1539530c1a67b516ddebdafdbe6aa1260e563046563b932689
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464857ce2cd39f577e1aee4380de452b3032f2746c94be5b8d71508e0733ca40
46660c65bda2bf39154796ab450adbfcfc638c79f158f69d51805b541244c443
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f282b7ed89d64e32f1490b024b7531f5241a5c1ae8807345df5f1abc6f6fe2
478bf656d14a54eb37d140e2ab2035b97d3f48e9eeeae540661f1a0f4c44bfca
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbeede6ecb96095a8feb376bb4b9b34e00d8e6b87a17711af3e11e646fd32fd
4cc3c276bb1787b7080ea3cc296a84f7d4dcf781592ad14cabc3ec9ff497d682
4dfcff1102e90214c00c627d7d4f5ae80af74d3069515a588711a98b1d3e0c33
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e642d00afcb3f47c8b418e9322522e6f32cb0bc6d0e6ff0f69bdb890a0c1e10
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5980a644111865c17f116417e51593a3a427e7a25130c6029bf2da0d10d79146
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5e79e3732bbbae1bf9807c0bb412a312efaf38da68ca7a90e4558c192af2ee24
5efd16652ba0ef0f99cdd689e7940c344a1ae01adec46d4323ff983d6936855c
6090302c974abaf082b19cafc3af71e27c761ec5b07c98f4f19ba4b59af9d0f2
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ec1170be793b865581458c283f7c56b7b96f23dfc3adf831661b9899b5b3f2
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63499d6c49a6a813ee86e89bdfff444d23c29917fc366ff8fa18ab7244fdfd2e
6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3
6463fd68ca13c0f88d1acefbd0077b993a98c2d544cc86800b9c8971d6713022
646c1db586ec5302d76714a1235e998d8308747ef942a982a5934119727d8051
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66da4a9938b444144754a6ef464b2faa16ba2842d39aa4dd4dd40d840b6bbfb1
66dc4a429a90befdec96c1ab1e414d99552fb0e5e4acba0bab288fe8c10b7b4a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70b3ff9bec45a453cbb9c8a29e68449d3323f21bd9a85b27ecdf5aee7bee520c
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
7179b64155224ab8ebca1889b7dba5568820590e618688284e1f7f1a4f6f9331
732b417ceaf8860cd41ee343c5bb32c67eaf665a7356477ff74d81161d869c15
743648ea1eacdf2a554bdc2f1cdd079818ba16009b190bb1627e3df736bce3f9
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
76b36d799b00cb57f1de71795762a38049dafde609e6abc2abae357b169360b9
76bbb79b7a7bf6b6f48fa788b4f26b45e2def746183deace19dacc44b4362c09
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6
77dfcd4be914b9e59d398c8c45b4adde75246ba1aa5438b8b8373c7f80af3a6f
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f672aa6b371698d86396d642459de7d087aeca2dbc8903649c1620622f75bc4
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8a12888a5ea59ab84d2ecfed50bcf657b3e794512577eecede2549c22b4cbbef
8a47301b057a3e76db81dd861ed632bb0ed98e5fcda1d2b5844d0b12754f5378
8a699c50dfb7042fb0b8b00489e1b467d26cbfb1cfed4c584503d4413f0eb30d
8a9fe35d355082e3c38d444947801b589d5760e717a1d359fbb24670e28c2d68
8c576fdfe5a6c400ea517402141cf357eb3c0b9ec3bec05a0a2ac8e0d1993ca1
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5714293bda6fed03b6141d6fb1d04998b25ce09c1d165c0f5fa40055377ea8
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dab78e34737f302fc6a2d7d39e8772b6de5252506b8bdadf001b640c2d45aae
8df8cbf88d2adea00e56f441e82d73033f5d82ea169e12f81b4bb8bc30e73690
8e337e2b962a6b9840479779dcf7b28aebc586f5e1943a2f77d3a6d69897e4cc
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55
90c5cb30608837e3f31706fad97926bf58dc6e8e586f25b26cd9575bb48f7706
916cd242c8103c7f9b3d117d050f4a63362920e7b3dc9957b4ecdd8386ea90e7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
997ed3312525b858b8e31651116282e7cdafa96a7223e8313f688771c8f57bc5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9e4d787d977deaa3b633bd08c19c485581b0696a29e3b97bad2f8be2a4b01cf0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a6fdcca2c798f4c7a89a90a7cb30385af534d3f7ce1b0b638688308e0d0cf5cf
a7686b273882ef8e2e1a1718690e0642bf7251cdddff7dc585f0b18d6d261789
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a8647c3cdde2a08bb1de628a786e9607c1cfd69f8620f0b004b1e0eb13e9c501
aa64ff458d93e79b8853fd55ac7a09f6d6d1e102382f334d50a3c42c21717ab3
ada6435de11f15eba4e529b72fcd1bb6bc28e68e58400715586648a9ca330c88
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
bab0cd22b812fe187ea78dafbff485c8ecb9d755fa5ea9d75912a3b39bc3c93f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf0df2fd87faee69763320c538cb96a4edd731b768630609afeca5ae9be7d4b0
c122ff49eeaefb7a538b0a502ec06dfed171e95a80f557426feae6f3429a7d69
c15ccf4d265cf5f2b9bf8a4f591ccfaf190f264d0227fa1d37f4390fb14d5f87
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c339c7b754a91a679a77bf0d2166a9f63bdf0fa62874afbf3ecc4113a898ee00
c5c6d4292e2d0439f3e5417b8676ce9fb4f8f1a3244f03f429e166e9caf48e32
c7e0a3b980b338730e6d6eabb3de75678f1584de02de120d2f8bd92a8f2f04a9
c9373b0f25e4d2a564d4c9b945e0f371e2ab64a858ee7dc025a16c332012c687
ca7a8672a07fab48b90d072b49a0b88a112113c195f43526dd9ab8c60145ecd7
ca85c7f53fc27524b07ea3553cf8cb9b3235bd7698f1d61a42621cd5d1cd48a9
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cd44edba344915bf6be3cfb45b865ee4be9991a56b47a8d4f6691491d7d8a786
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d26936a8e0043ea3537f28bedc3ad61cccb0eec4a9827343904ab734387a0619
d48c574dc29243068a8ec6fe360c38a99db9f0b3857337837349fc285a204853
d52df9fabaed1fef20e9bcacbdafdaa0d0f6d07ef28c580fe47c0f14a0053ad3
d8b482d21ecd1a58eae9fcb1e255e3ee415a5da5821a219fc5c4f014e923d717
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e1a2111ff3e354d7638292d3340b7c3a9e388e8bb4e8fee035f5d666cb979e78
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6
ea16061429cde45361e786c65181ab917f47c5ade80db568e301d8c76b7543ae
ea8122128001fb61ba3e2db9a2c8b47e30d857145dc7017157e6f8c20d3fe928
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ed0ac09235c90fabd110607c8a353ed24add03252f7ea170357b52b0c0bcad35
ed82a994c5ecab06cee589d027b97ee49c0e7dc79234afb742433a69813eba9d
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff5d9a4d65b13c68341b970fb6800a45634d8fbbd9246280153f9791fbd9c4
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cf7f6b545e3bca01c1d76754a14719ce1329ab67177bd145767c2f2bc75fd8
f732bc32a6a91aef8d822e23a7fa9541fe8646f38ee1004159db0f18d91cb944
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe2004aa26a471ad88799b7218e09ceb9e6e7055f1f57665ce6d745a4ff7a476
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0