urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-me...
Submission: On November 18 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 17 countries across 122 domains to perform 698 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 142.250.184.193 15169 (GOOGLE)
21 142.250.186.162 15169 (GOOGLE)
8 142.250.186.104 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
8 152.199.21.70 15133 (EDGECAST)
43 151.101.65.44 54113 (FASTLY)
1 3 192.96.203.13 30633 (LEASEWEB-...)
3 104.26.5.103 13335 (CLOUDFLAR...)
2 151.101.130.137 54113 (FASTLY)
3 178.250.1.11 44788 (ASN-CRITE...)
3 216.239.32.36 15169 (GOOGLE)
5 142.250.186.65 15169 (GOOGLE)
4 3.233.155.35 14618 (AMAZON-AES)
9 23.97.225.52 8075 (MICROSOFT...)
16 185.106.33.48 200478 (TABOOLA-AS)
24 212.8.250.83 49981 (WORLDSTREAM)
5 172.217.23.98 15169 (GOOGLE)
1 104.16.89.20 13335 (CLOUDFLAR...)
20 54.76.122.35 16509 (AMAZON-02)
2 3.126.136.176 16509 (AMAZON-02)
2 6 147.75.84.158 54825 (PACKET)
6 12 185.89.210.212 29990 (ASN-APPNEX)
2 178.250.1.8 44788 (ASN-CRITE...)
2 184.30.21.51 16625 (AKAMAI-AS)
2 69.173.144.137 26667 (RUBICONPR...)
2 69.173.144.140 26667 (RUBICONPR...)
2 35.158.88.128 16509 (AMAZON-02)
2 34.120.63.153 396982 (GOOGLE-CL...)
3 29 51.75.86.98 16276 (OVH)
2 6 35.227.252.103 396982 (GOOGLE-CL...)
14 172.67.10.198 13335 (CLOUDFLAR...)
4 13 104.18.36.155 13335 (CLOUDFLAR...)
1 3 54.155.236.110 16509 (AMAZON-02)
2 5 91.228.74.159 16509 (AMAZON-02)
2 142.250.181.234 15169 (GOOGLE)
6 142.250.185.234 15169 (GOOGLE)
1 1 137.74.6.209 16276 (OVH)
12 14 18.196.207.18 16509 (AMAZON-02)
2 2 188.42.191.196 7979 (SERVERS-COM)
8 141.226.228.48 200478 (TABOOLA-AS)
5 185.29.132.245 30419 (MEDIAMATH...)
2 3 69.173.144.165 26667 (RUBICONPR...)
2 2 154.57.158.26 26558 (FREEWHEEL)
11 17 69.173.144.139 26667 (RUBICONPR...)
17 51 142.250.181.226 15169 (GOOGLE)
4 6 185.86.139.94 201081 (SMARTADSE...)
4 35.244.174.68 396982 (GOOGLE-CL...)
3 7 52.46.130.91 16509 (AMAZON-02)
15 20 198.47.127.18 62713 (AS-PUBMATIC)
4 9 185.64.191.210 62713 (AS-PUBMATIC)
8 10 3.71.149.231 16509 (AMAZON-02)
15 3.33.220.150 16509 (AMAZON-02)
1 2 190.2.153.150 49981 (WORLDSTREAM)
3 184.30.17.67 16625 (AKAMAI-AS)
23 142.250.185.129 15169 (GOOGLE)
6 142.250.185.228 15169 (GOOGLE)
4 6 63.35.117.106 16509 (AMAZON-02)
12 184.30.22.30 16625 (AKAMAI-AS)
1 18.66.97.52 16509 (AMAZON-02)
1 64.202.112.223 23352 (SERVERCEN...)
1 213.227.153.220 60781 (LEASEWEB-...)
52 142.250.184.194 15169 (GOOGLE)
3 3 23.56.202.187 16625 (AKAMAI-AS)
1 167.235.184.171 24940 (HETZNER-AS)
1 217.182.178.224 16276 (OVH)
5 10 69.173.144.138 26667 (RUBICONPR...)
7 87.248.119.251 34010 (YAHOO-IRD)
1 185.170.60.54 27381 (CASALE-MEDIA)
11 172.217.16.130 15169 (GOOGLE)
1 1 172.105.199.172 63949 (AKAMAI-LI...)
7 7 46.228.174.117 56396 (AMOBEE)
2 2 124.146.153.163 2514 (INFOSPHER...)
2 3 213.180.204.90 208398 (TELETECH)
10 172.217.18.6 15169 (GOOGLE)
4 185.165.240.123 49981 (WORLDSTREAM)
2 142.250.186.35 15169 (GOOGLE)
7 142.251.10.94 15169 (GOOGLE)
1 13.107.42.14 8068 (MICROSOFT...)
2 5 52.95.126.160 16509 (AMAZON-02)
6 6 52.16.22.123 16509 (AMAZON-02)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 13.32.99.104 16509 (AMAZON-02)
1 23.32.238.162 20940 (AKAMAI-ASN1)
3 4 34.91.62.186 396982 (GOOGLE-CL...)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
2 2 154.59.122.79 174 (COGENT-174)
8 9 37.157.2.229 198622 (ADFORM)
2 178.250.1.3 44788 (ASN-CRITE...)
2 2 34.224.175.55 14618 (AMAZON-AES)
3 178.250.1.9 44788 (ASN-CRITE...)
2 104.18.38.76 13335 (CLOUDFLAR...)
5 10 34.98.64.218 396982 (GOOGLE-CL...)
6 142.250.186.98 15169 (GOOGLE)
3 3 54.165.115.205 14618 (AMAZON-AES)
3 3 52.215.107.17 16509 (AMAZON-02)
3 4 13.248.245.213 16509 (AMAZON-02)
35 104.17.202.110 13335 (CLOUDFLAR...)
1 184.30.20.22 16625 (AKAMAI-AS)
1 13.32.27.99 16509 (AMAZON-02)
1 184.30.16.183 16625 (AKAMAI-AS)
2 54.171.158.15 16509 (AMAZON-02)
4 184.30.16.195 16625 (AKAMAI-AS)
6 99.86.4.129 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 54.85.125.66 14618 (AMAZON-AES)
2 2 216.52.2.91 30282 (AS-INAPCD...)
3 216.52.2.30 30282 (AS-INAPCD...)
2 2 46.228.164.11 56396 (AMOBEE)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 1 69.166.1.34 27630 (AS-XFERNET)
3 3 107.23.15.226 14618 (AMAZON-AES)
1 1 193.122.128.135 31898 (ORACLE-BM...)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
2 3.126.228.123 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
2 2 185.86.138.155 201081 (SMARTADSE...)
2 2 3.122.74.3 16509 (AMAZON-02)
2 4 81.17.55.172 60781 (LEASEWEB-...)
1 1 13.32.27.67 16509 (AMAZON-02)
1 1 45.137.176.88 60350 (VP)
1 80.77.87.162 46636 (NATCOWEB)
14 34.247.205.196 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
1 1 52.70.253.77 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
4 4 64.74.236.191 19024 (INTERNAP-...)
4 198.47.127.19 62713 (AS-PUBMATIC)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 1 37.157.6.254 198622 (ADFORM)
1 52.210.50.120 16509 (AMAZON-02)
2 34.102.253.54 396982 (GOOGLE-CL...)
9 11 198.47.127.205 3257 (GTT-BACKB...)
2 2 3.122.5.52 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.173.129 15169 (GOOGLE)
1 2 151.101.2.49 54113 (FASTLY)
1 72.251.241.206 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
3 4 52.212.46.188 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.246.239.231 16509 (AMAZON-02)
3 198.47.127.20 3257 (GTT-BACKB...)
2 2 98.98.134.242 21859 (ZEN-ECN)
2 2 89.207.16.201 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
4 104.16.64.126 13335 (CLOUDFLAR...)
1 1 142.250.185.238 15169 (GOOGLE)
1 74.125.108.199 ()
1 1 141.95.171.140 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 23.88.86.2 24940 (HETZNER-AS)
1 172.67.13.182 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.214 16276 (OVH)
698 119
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
cdn.ampproject.org
21    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
8    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
8    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
43    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
pips.taboola.com
3    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
5f1dad02383a875d2ce1ca56d7dc5967.safeframe.googlesyndication.com
4    3.233.155.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-155-35.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
9    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
24    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidverto.io
ad.vidver.to
5    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
www.googletagservices.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
20    54.76.122.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    3.126.136.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
6    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
12    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    35.158.88.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-88-128.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
29    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
6    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
14    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
13    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
3    54.155.236.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
5    91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
6    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
imasdk.googleapis.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
14    18.196.207.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-207-18.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
5    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    154.57.158.26 (Amsterdam, Netherlands)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
17    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
51    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
6    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
4    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
7    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
20    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
9    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
10    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
15    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
ad.mox.tv
3    184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
23    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
6    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
6    63.35.117.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-117-106.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
12    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net
rules.quantcount.com
1    64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
stas.outbrain.com
1    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1t-eudc1.zemanta.com
52    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu
prg.smartadserver.com
10    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
7    87.248.119.251 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com
pn.ybp.yahoo.com
s.yimg.com
cdn.js7k.com
beap-bc.yahoo.com
1    185.170.60.54 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a1123.casalemedia.com
11    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads.g.doubleclick.net
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com
a.c.appier.net
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    124.146.153.163 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    213.180.204.90 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: bs.yandex.ru
an.yandex.ru
10    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
s0.2mdn.net
4    185.165.240.123 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-123.hosted-by-worldstream.net
cdn.vidverto.io
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
7    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
csi.gstatic.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
6    52.16.22.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-22-123.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    13.32.99.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-104.fra60.r.cloudfront.net
live.primis.tech
1    23.32.238.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-162.deploy.static.akamaitechnologies.com
hb.yahoo.net
4    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
9    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    34.224.175.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-175-55.compute-1.amazonaws.com
i.liadm.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
adpushup-d.openx.net
eu-u.openx.net
u.openx.net
6    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
3    54.165.115.205 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-115-205.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    52.215.107.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-107-17.eu-west-1.compute.amazonaws.com
match.360yield.com
ice.360yield.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
35    104.17.202.110 (None, )

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net
public.servenobid.com
1    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    54.171.158.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
4    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    99.86.4.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-129.fra6.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    54.85.125.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-125-66.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
3    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    107.23.15.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-15-226.compute-1.amazonaws.com
ssp.disqus.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    3.126.228.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-228-123.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
2    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    3.122.74.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-74-3.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
4    81.17.55.172 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb-csync.smartadserver.com
1    13.32.27.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-67.fra56.r.cloudfront.net
s.ad.smaato.net
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
14    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
1    52.70.253.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-253-77.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    64.74.236.191 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    52.210.50.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-50-120.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
11    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    3.122.5.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-5-52.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.173.129 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 129.173.214.35.bc.googleusercontent.com
csync.loopme.me
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    52.212.46.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-46-188.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    34.246.239.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
a.audrte.com
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    89.207.16.201 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    104.16.64.126 (None, )

ASN13335 (CLOUDFLARENET, US)
shared.bannerflow.com
1    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
redirector.gvt1.com
1    74.125.108.199 (None, )

ASN- ()
r2---sn-1gi7znek.gvt1.com
1    141.95.171.140 (Paris, France)

ASN16276 (OVH, FR)
PTR: bixel-6.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    172.67.13.182 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
89 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
565 KB
80 googlesyndication.com
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
5f1dad02383a875d2ce1ca56d7dc5967.safeframe.googlesyndication.com
760 KB
67 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
sync.taboola.com — Cisco Umbrella Rank: 1322
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com Failed
am-wf.taboola.com — Cisco Umbrella Rank: 17326
921 KB
51 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
51 KB
50 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
eus.rubiconproject.com — Cisco Umbrella Rank: 602
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
111 KB
35 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8923
400 KB
29 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
19 KB
27 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
506 KB
21 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
12 KB
18 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
pn.ybp.yahoo.com — Cisco Umbrella Rank: 1473
beap-bc.yahoo.com — Cisco Umbrella Rank: 1556
10 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
16 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 522
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
3 KB
16 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
5 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
305 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
a1123.casalemedia.com — Cisco Umbrella Rank: 445714
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
10 KB
14 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
19 KB
13 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
sync.smartadserver.com — Cisco Umbrella Rank: 1330
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
5 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
41 KB
12 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
8 KB
10 adform.net
adx3.adform.net Failed
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
dmp.adform.net — Cisco Umbrella Rank: 3509
6 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
177 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
977 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
2 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
180 KB
6 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
3 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
3 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
744 B
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
5 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 22764
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
319 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
4 bannerflow.com
shared.bannerflow.com — Cisco Umbrella Rank: 481089
252 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 648
70 KB
4 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1799
stas.outbrain.com — Cisco Umbrella Rank: 3551
14 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
12 KB
4 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
1009 B
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
90 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
1 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
ice.360yield.com — Cisco Umbrella Rank: 2116
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5085
979 B
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
1 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
359 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
3 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 3518
r2---sn-1gi7znek.gvt1.com
552 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
744 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
499 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
796 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
392 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
69 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
952 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
2 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
522 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
1 KB
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42792
304 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
2 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
2 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
12 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
226 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
465 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
582 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
176 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1578
712 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
457 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
523 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
625 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
527 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
652 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 1846
14 KB
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15453
598 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
644 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
258 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
17 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 company-target.com Failed
s.company-target.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
698 122
Domain Requested by
52 pagead2.googlesyndication.com be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
ads.aralego.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
googleads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
51 cm.g.doubleclick.net 17 redirects onetag-sys.com
www.bg3.co
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
eus.rubiconproject.com
adpushup-d.openx.net
ssbsync.smartadserver.com
g2.gumgum.com
35 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
www.bg3.co
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
29 onetag-sys.com 3 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
public.servenobid.com
ads.pubmatic.com
23 tpc.googlesyndication.com www.bg3.co
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
23 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
20 image8.pubmatic.com 15 redirects onetag-sys.com
ads.pubmatic.com
20 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssbsync.smartadserver.com
g2.gumgum.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
17 pixel.rubiconproject.com 11 redirects onetag-sys.com
eus.rubiconproject.com
16 il-trc-events.taboola.com www.bg3.co
16 cdn.taboola.com www.bg3.co
cdn.taboola.com
15 match.adsrvr.org onetag-sys.com
imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
cdn.adpushup.com
adpushup-d.openx.net
g2.gumgum.com
ads.pubmatic.com
www.bg3.co
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 x.bidswitch.net 12 redirects onetag-sys.com
14 images.taboola.com www.bg3.co
12 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
12 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
11 simage2.pubmatic.com 9 redirects ads.pubmatic.com
11 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
ads.pubmatic.com
11 googleads.g.doubleclick.net be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
10 s0.2mdn.net imasdk.googleapis.com
www.bg3.co
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
s0.2mdn.net
googleads.g.doubleclick.net
10 token.rubiconproject.com 5 redirects eus.rubiconproject.com
10 ups.analytics.yahoo.com 8 redirects am-match.taboola.com
onetag-sys.com
10 ib.adnxs.com 4 redirects cdn.adpushup.com
eus.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 pubads.g.doubleclick.net imasdk.googleapis.com
www.bg3.co
9 image2.pubmatic.com 4 redirects onetag-sys.com
ads.pubmatic.com
9 e3.adpushup.com www.bg3.co
8 c1.adform.net 7 redirects ads.pubmatic.com
8 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
7 csi.gstatic.com imasdk.googleapis.com
7 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 s.amazon-adsystem.com 3 redirects onetag-sys.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
6 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
6 googleads4.g.doubleclick.net www.bg3.co
6 us-u.openx.net 3 redirects googleads.g.doubleclick.net
adpushup-d.openx.net
6 match.prod.bidr.io 6 redirects
6 pr-bh.ybp.yahoo.com 4 redirects imprammp.taboola.com
ads.pubmatic.com
6 www.google.com www.bg3.co
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
www.bg3.co
6 rtb.openx.net 2 redirects cdn.adpushup.com
6 prebid.a-mo.net 2 redirects cdn.adpushup.com
eus.rubiconproject.com
6 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
5 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
adpushup-d.openx.net
ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 sync.mathtag.com onetag-sys.com
ads.pubmatic.com
5 htlb.casalemedia.com cdn.adpushup.com
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 shared.bannerflow.com c.bannerflow.net
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
4 b1sync.zemanta.com 4 redirects
4 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
4 ads.pubmatic.com public.servenobid.com
csync.smilewanted.com
g2.gumgum.com
ads.pubmatic.com
4 eb2.3lift.com 3 redirects cdn.adpushup.com
4 ssbsync.smartadserver.com 3 redirects public.servenobid.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 s.yimg.com pn.ybp.yahoo.com
www.bg3.co
s.yimg.com
4 cdn.vidverto.io www.bg3.co
ad.vidverto.io
4 id.rlcdn.com onetag-sys.com
4 http-intake.logs.datadoghq.com cdn.adpushup.com
4 be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 creativecdn.com 3 redirects
3 bh.contextweb.com 3 redirects
3 ssp.disqus.com 3 redirects
3 ap.lijit.com public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
3 sync.srv.stackadapt.com 3 redirects
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 dis.criteo.com ssum-sec.casalemedia.com
googleads.g.doubleclick.net
ads.pubmatic.com
3 dsp.adfarm1.adition.com 3 redirects
3 an.yandex.ru 2 redirects www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 widgets.outbrain.com www.bg3.co
widgets.outbrain.com
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
3 pixel-eu.rubiconproject.com 2 redirects onetag-sys.com
3 region1.google-analytics.com www.googletagmanager.com
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects www.bg3.co
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 am-wf.taboola.com vidstat.taboola.com
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 rtb.mfadsrvr.com 2 redirects
2 ads.playground.xyz ads.pubmatic.com
2 u.openx.net 2 redirects
2 secure.adnxs.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 match.sharethrough.com public.servenobid.com
cs-server-s2s.yellowblue.io
2 p.rfihub.com 2 redirects
2 ad.turn.com 2 redirects
2 ce.lijit.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 match.360yield.com 2 redirects
2 js-sec.indexww.com ssum-sec.casalemedia.com
cdn.adpushup.com
2 i.liadm.com 2 redirects
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 ums.acuityplatform.com 2 redirects
2 pixel.tapad.com 1 redirects eus.rubiconproject.com
2 capi.connatix.com 1 redirects eus.rubiconproject.com
2 fonts.gstatic.com ad.vidverto.io
2 tg.socdm.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.taboola.com am-match.taboola.com
2 ad.mox.tv 1 redirects onetag-sys.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 ads.stickyadstv.com 2 redirects
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 ads.betweendigital.com 2 redirects
2 fonts.googleapis.com cdn.taboola.com
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 a.teads.tv cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
1 mwzeom.zeotap.com www.bg3.co
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 r2---sn-1gi7znek.gvt1.com www.bg3.co
1 redirector.gvt1.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 cm.adform.net 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 ice.360yield.com 1 redirects
1 cs.admanmedia.com ssbsync.smartadserver.com
1 sync.adotmob.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 hbx.media.net 1 redirects
1 sync.technoratimedia.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 static.smilewanted.com csync.smilewanted.com
1 eu-u.openx.net adpushup-d.openx.net
1 acdn.adnxs.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 beap-bc.yahoo.com cdn.js7k.com
1 ssum-sec.casalemedia.com www.bg3.co
ssum-sec.casalemedia.com
js-sec.indexww.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
1 hb.yahoo.net eus.rubiconproject.com
1 live.primis.tech eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 cdn.js7k.com pn.ybp.yahoo.com
1 pips.taboola.com cdn.taboola.com
1 a.c.appier.net 1 redirects
1 pixel.quantserve.com www.bg3.co
1 a1123.casalemedia.com cdn.adpushup.com
1 pn.ybp.yahoo.com cdn.adpushup.com
1 5f1dad02383a875d2ce1ca56d7dc5967.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prg.smartadserver.com ad.vidverto.io
1 inv-nets.admixer.net ad.vidverto.io
1 b1t-eudc1.zemanta.com be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
1 stas.outbrain.com be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
1 vidstatb.taboola.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 imprammp.taboola.com vidstat.taboola.com
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 sync.aralego.com ads.aralego.com
www.bg3.co
eus.rubiconproject.com
1 secure.quantserve.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 s.company-target.com Failed ssum-sec.casalemedia.com
0 sync-dmp.aura-dsp.com Failed be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
0 adx3.adform.net Failed imasdk.googleapis.com
0 cds.taboola.com Failed cdn.taboola.com
0 static.bg3.co Failed www.bg3.co
698 204
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-11-06 -
2023-12-27		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 125 frames:

Primary Page: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Frame ID: E00950F0A55ECE374E679DA946954A37
Requests: 219 HTTP requests in this frame

Frame: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC561CDB3C05F29354DBF584658F57A0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQnQJRy-5b3l3mbJ1QL5isea3Sah7DqkLk-UhnnCRO4JxkEIzMqoSwTLjU5HQLCbSfCzDsQCujZRKXpRqDQD85HrWBKwSF_Q8sq8wmzjM2I8SMdWRgU-pUfHAEmSnRroozoMvL8GdCHogvZFUAndyE2mOVULd686VoHEkRyZWfnnzH3tPLZ6SWLifrXBLTZJt50dJE8wPXbsLKL0nzGE6AXj-hiG0w1dzlBdFvGXFqZf8mMO3WXDbbuKe90LoVnitCuWV2F2DtFNhpU0W3NnSKSuQmwEj1oX1iHBG_EO1kgLFgO0a9y3jDzNdWHyzq7iSfuQ&sai=AMfl-YRgfH2QuoUNknfLLKijB39yzWDsgwTEQk3rpkCc5FJvCvojNQwkUgItSok-uJ27U76lf-838Y28rlqFetPmfeJXGC14si_9sLOrEU2KTKffZj1Oicv8pOnfl0lfJOufiRiRCwsQka4v1iYWHh-inJaC&sig=Cg0ArKJSzM3bn0ii-AoCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7D8526C5C0A5446944FD137E68F6183B
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 40A26990E462F488C7C6D422AC96FDF9
Requests: 16 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&cmcv=&pix=undefined&cb=1700350560823&uv=3358&tms=1700350560823&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f8ce33d-fb3b-4940-b865-4f3bc61a704a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2804C81D231407FE4C776C39DDB483EE
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 52A35B27593E8992A07ED3D7A76D5140
Requests: 3 HTTP requests in this frame

Frame: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D361158873DA4C62B9B324FE1A1F415E
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: CC32D6639DA4E1EE09CA8884FAAADCC8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: D31B9E767FBFBCA54F9329DC194F0105
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 5E8F266AC27FC0E80FCBBBC266B4097F
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 9B9C16868CE01F852258FD275A139B19
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 48F88EEC3DCE8370006A9E95324E2F35
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 88497718250636317F4EF6E105B294E0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 0E938AB83A57A3A88C4016FB7616F859
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 39E1D3C3E59B95A46239E76B73A9C9B5
Requests: 20 HTTP requests in this frame

Frame: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7925D5836B08C547A4634946DCEDC428
Requests: 21 HTTP requests in this frame

Frame: https://5f1dad02383a875d2ce1ca56d7dc5967.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4A765C5935538D481288E88B8652C86E
Requests: 1 HTTP requests in this frame

Frame: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D8BBDB61C4629CA1D57217BD23A90C7
Requests: 20 HTTP requests in this frame

Frame: https://pn.ybp.yahoo.com/ab/secure/true/imp/FJ58K2LjJ80SbkWSzpVQe9BG9QKa4ZWY-Cv48X4JDfCtceCEIlw2yhScjfQi174c8S1MsJnEI2CrtRTtuy8g3pJ3GzECh9UQFXzVawI-ccWP6kXKdVUvmkmUKjhFVzUqAYyd8KmpZnFe94PCj3Dw6b-tsSvPLgPbAYemIR28aQ7Ms4JDuVP3xdN9avVK141ptPj02-C3NsT7oLJiBByoWF7bw89zWTqulI2EGzIfCdUneWuO6dT-vKq1KpG-oU1V0c6TDZ7D6VwSdUTVHlU0uzar6Y-2D8aLG_3kyxgDxTSXxLJwCTrAw_NKwOyZKv3BIkQWqOUoK6lrh_xO89y0ma_a7zP-vT6p-6DAOip-eiJkoAVY1ekNPDOAKwwYm6p0I_DslvKOCC93yH-VpiaYI4dBIM8slaoKmf9erbgqKWFOayZjXCPGDlR4CysCCbLTPr_gOW-KSrjm9o4JpIvtcY-eKJSZv0_6rQSouOrfR2aoFkIMW2GYqgJyL6dmUkpZ4OAxib8HpGJngz5ac9Y_VyRZspE9J8gikAmVvgbyhfgoXmKFVmRLGdfJ76Xh-ZIU_eIlpHhsOBO5iDOlZYtoZfYCGQE5E3JQCdZAsxzk3z1K-mZtApbtF9pY4ElFj0bwnzJS02RSGHdKNT3Qq3X8ORPd9vOBTX7dCv2KHJ_vikBLJfDw9MS8nAfMdQR1NCJ6QInD1fh9zewegw-13TQH4PsBoYJv0ZZ44tb2iPym-qG3syT6pUt1qIomF4yVTwpGQD-wpfgeDwgBmtGVYFWQk8lM0p4Fzy0hRgNYSa4YAppQtt3UiBrOntuoWcXuB5CrgKXYoPoOnEM49zJrhWntCYLBUGX6FTrOzYLW-xHoCGwTvHbEsyF_6isurX_JUZDHJ8HEddc_jUNVRmOesDPayL6r_n62ryyG1Ffs9dMVstVlMsOjbqWcW1lro7Zx_NOD6MEQ1C8Av2L2gtJciRZZWPXoTH-FZ_7X1qsvF-7U-WAf1YubJZOKJveIF-VaKU1mh0BCUaCFYOXwBC-icaieVFHAAqx0P-xHhm-ENj4Ys5tkoTAVaG9Fh8B-OjViQeU2yyYA2-mfsT0m3D3GduDKAdrexwMEiwdLLO6s90KRArkBiC-PF2G1uDJ2C--blQ0JTFbtlzgwjSu_Xa60xeqyD6uF967IaGTk9YQpfQcPuFlAELGBjzvFYQdG_Vkh3sEuco0NEz3_DjmTPnpkivUzUi2tLtc188ypvYv4tvpPEe-uR_tBa49uq9rUfS43dTruabb1NuCMKSre06dhXSFzdUUXQIyhkcCWR3zS6R1VUgu5XecHJMEf_CVGpTnvI6FeG8soIZ_YGcCmjYFm3r0eStlfQZvEDaf3oBPzTF_SMLnBkiECCjfjCBxRx0Kzs5uCx-BprAi8L8LYnQDDnU78Qj73K66vwNF0/wp/0.02
Frame ID: 2DC0810FF80E3A25DEAE23E1285F7104
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNWF394cVdafEiMFZb_DantsRTJpit55VZOt1mKIORqpIkVEBN52O426hDM5Ix6qmS_lxyqlBj9hjW_YmpIzEU0cdwctrA
Frame ID: E6BE3EBF75DB942A7F14C2846C2AEECE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNW6sWpdvB11TJc1LoLLXoPbtHu8Jva1DbpnKtmM1l3JaNzXY9S5IrAZuOlyEOTdCxA_aHDHdnhrSYue5JA1FISyIpVz8A
Frame ID: 9A49E6770303F6B9DBAEBA3FE9B00416
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 604E95240533F3CAA09EB36CC36C2EE6
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 550AF734737D0AFB8CED75E8E2263CF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 193EF0A948C95BA2B98928CDAE554DA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Frame ID: E0AF661CBC01D1CB9FE3FBEEB5A6B255
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E85053022C3065A1AF496B2E97EA2E5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E72DDB59372D48F8516E49C0F9F4C5B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6095DFC0BFF8E165418309F5B648ADF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49FE75D918D3BF311E8DED87C267AAEF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 6BD5AFFFFB68C74439EA7EF29EC0DA24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Frame ID: C7C3A98142E57A4ECC6CCB71E54C3826
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
Frame ID: 89261F82F4A8A7C26E91E0286D8F295A
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Frame ID: 07847FD55856C65607C6A0D9EF68ED2A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 69377758F2337F38D13C6815B45F82C8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 97E620FA28132A1CE2CBE504C124F02B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXKPvZMcgk06wX6Ufyaeicf1yJ2tk5xe0rlNOgIJ1hg3iolGo4RNknNzfppdfGiOzwdQmXKYj8byTAvMty0vOYsgl4X6A
Frame ID: 53FD8A957F87E028F4BE37702C64DCD2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EEB9948996F303B982189319F3B0A8A2
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Frame ID: A27F73E1310A9175F0B7343578E114F5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EBA3C3145602DA3EB2D32BF73B9FE043
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8F26EEF587C0C60C7CE47A30F566C6FF
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 25F29BB79F42FDC49777EDB8F4DCFC36
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 2AA5028DE2FF9CAAF150E69C4D47013F
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: E0D17B46FB13282C625FE6107F1D8E8F
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 6818D355134069E3217F5ECA1958CF2A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 73CEC4FA2F7A1E67B567FBA27E1FA808
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: F7DBCA020E7D698874654052B9021BB6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A81D51D2B2C8E8A8CDD11A62CDCDA9EF
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5BA8685285D50CB90AF1BDDD4E2E4CB9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700350560726
Frame ID: 0EB48759B5DF84DA4FA5224C2F50B89C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EF1C3AB7177141CA94DD84A7132D106B
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 0460FE423BBB6EB458508C1F2EC37521
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 5B90B39A157BBA621CA7FE71FA56F2AC
Requests: 10 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 562357E301143E18A49E4D87E83B48B4
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: A0C6A4FDFE3BD397CB7BE8770D464A2C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 65C1B9D41321B254E16CA9EAF0A9BB03
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: E4AE5505088574DB5C8C421DF7B373A1
Requests: 17 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 3117D1D79A09C69FC67D1277EDE38E9B
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: BC5403DA05DF67400C47CD9A089B6BD9
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 8EC88139745E0DF12A96956CBDAC69BB
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 5DA1B5F0C8B3A90A335E08089169CB76
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/2137512993614211217
Frame ID: FF099AA3363D80145E15B8954FE49583
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7912481373650271753
Frame ID: 4CD9A3EDDD6FA70EE66C3EE5BB048B9C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP4OTLUF-G-2PUA?gdpr=0
Frame ID: 4D1461E2F114CDCE2D4B4FC55C997770
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 2F291D737FFA6A6CABF8A73AEA22BE1F
Requests: 6 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/7a742af5-f233-435f-a828-83b228e83adf&partner_id=1010
Frame ID: 61D469D52469CA04499AF2774B0600DF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/2624f9ec-d379-465f-b0f9-471b44251e99
Frame ID: CB90F64CE63EBDAA17A869FD461D30FC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=1407869859430572812&gdpr=0&gdpr_consent=
Frame ID: B6E96FCB208343D3E235F4F3B76AD738
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hOTk3ODQ2OC00MTM2LTRjN2EtOGE4Yy1iODIxODA5ZDVhOTY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 79DC8C32A2FEFD24E2FEB6F5F2BA86E9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: FFAC19D5BB8E674F5D91FA2F76DF3D27
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: DCDBB99DCA06FD832ED78DA7141B5217
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVlKY8Co8X4AAPsS.PgAAAAA
Frame ID: A60E5334A6C2C63231E6AEA09E562164
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0&pi=gumgum&tc=1
Frame ID: AA0D07ADFE1769D54CF2C7E23764784E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E5397920931235F894EEAF5BFA452C81
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D5AD08BD159CC1E315B7FF92933CDDFE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/1407869859430572812
Frame ID: 980368DB1AB6EE9B566EDBCE630B2174
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/c8182020-ce52-4dfa-a2fc-60914baf135a
Frame ID: 97F4361C7F2028834E755C807BC8BF14
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 72C3CC4AB10E7777193FE070978867D8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0?pi=smilewanted
Frame ID: 272100FC4B02063AD7883F86A0C8646B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700350561688
Frame ID: F54433489D8113CF7A56AA51B33F88D1
Requests: 7 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: E276949F1A0E489EE2EB89EB7611B338
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DDDD3DB3B838521B70924B10283D23B9
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5463CF2-8511-4A81-B5E9-27264C2643DF&redir=true&gdpr=0&gdpr_consent=
Frame ID: 29911C03C6753F39AB68F61579C68CC0
Requests: 1 HTTP requests in this frame

Frame: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Frame ID: 1102CC9D1734DA077B907B84B2E14E8D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: 0AADA8DBD3A4174BF683619D20AA7CFA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: 8244E2FC2A5ACC8C3562EE227EE131F1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: 29CC23A20F04EEFCC65A9CD93DF32083
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 1F49DFB041B89A69237811A5EDFB555B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAILm07KspUAABPKNXVjKQ&gdpr=0&gdpr_consent=
Frame ID: 4439C0365D03FEBF36150E6ACA1BCF5C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F69E271BB77D94E4BD97DBA83496EEAD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 7C245E81BCBF3F2593080169E0F483B8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVlKZQAAqr172ABU
Frame ID: BC9773B455B4ED637F9CE1922A9752B7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: A29FDB90D9208960A1681A15C4E995CF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 28D0FD2202D31EEAEDC225D9DA8163C1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E004270ECC9D7F287124201C20E4B1F0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6785042868299480284
Frame ID: 1FF1D22AC7E1073815313BC471B52F78
Requests: 1 HTTP requests in this frame

Frame: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Frame ID: 3F4D5AFF023DAEA930423CD42A2BD2AD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: E86A75DD13AC92AFBE12462B7A6420EA
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: AE818F3C2AE9DE7C30492D80425C24E2
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 52179FF452DCBDC2BD0BCB84AEEC0667
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C6BC4A029D313C7BC967C318F126B9B5
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: C63EC1AD78B16AC38566A70A5C906B9C
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: 01C629DC11FE38D92ABA9720E2D9E805
Requests: 4 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: 7200E8EEB8EE5EB1528414856811317E
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16831550403370811392/CH-DE_STGO_Overall_platform-1-DECH-300x250-638330445275967645-c730622a-2cf5-4958-a64d-2195a9a063b8.html?ev=01_250
Frame ID: 9042007D854A620F8C044A4505400D96
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 552C269DE556978C4A579A34F4D04108
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98020A42D97CD37E600067142FF27558
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/17d88367-ca0a-4163-bf1f-1eaa3415e0c4
Frame ID: B2E8AF34611D4E56C0E50F4E647ECE7B
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=135&h=195&q=99&f=webp&rt=contain
Frame ID: 3ECB92B6303EC2CC0B53D33C20EB8673
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=
Frame ID: 65DB7B91627238A0FE9BC77EE1CBD50C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaXnMQanThnWgQVXn&gdpr=0&gdpr_consent=
Frame ID: 0A0415D3D5B634FD91D51BD35B532CE6
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: D5F8FA8B9042F647330FE8B6535B606E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E8792D6D8EDA461797697F729A7C99E1&gdpr=0&gdpr_consent=
Frame ID: 69A1775FAE6C57524387228F5AF735B7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8419406205
Frame ID: 502069AD74EB96E4D4454A1692130043
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: 94A0CCEA464D303F820917C85CABB872
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: AED83ECFD7ECACD0E190BA8A941B8F8E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: 4D3BDD5F07E1E23406AD5C49B2A86382
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C5463CF2-8511-4A81-B5E9-27264C2643DF
Frame ID: C2ADEDA8EFA4BEFC3EA66EAF5C334B77
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7196943425541767168/CH-DE_interest_rate-1-DECH-300x250-638330445275979907-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Frame ID: 38ADB79F755A3210E42F6F16F84AC317
Requests: 8 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/ee511e07-f5fd-4e20-a754-7e99417975e5
Frame ID: ED4621A1864A4076BBEC5A6E2DB1A186
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Frame ID: 8A8544AEE3C094CDBF253E5D61629B66
Requests: 8 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: 12686D9C0D36F16891650D4CDA68B469
Requests: 1 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: D98012FA0DBA7C73E7FC204A4BC326C7
Requests: 1 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: E8713D24072E680E390E9DD368393805
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: EA2E63DE39670DF75F2387899F9C8697
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Frame ID: 484A136108E51D60C5D65333D5E616A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

足球/中華女足白淨正妹林勻 結束全年比賽展開變發美白 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

698
Requests

77 %
HTTPS

0 %
IPv6

122
Domains

204
Subdomains

119
IPs

17
Countries

6101 kB
Transfer

18518 kB
Size

210
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 153
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=a968947a-67a5-4369-bef6-eabf514204de&p_id=23
Request Chain 154
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=6be710a2-42ae-4c4e-adf4-c4aad8cc457c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=6be710a2-42ae-4c4e-adf4-c4aad8cc457c&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=304285519588638832 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=97aef2af-edf6-5243-bbf9-225edea0683f&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=8dfccedd-668a-44ee-b95e-d349fc17fa76&p_id=15
Request Chain 164
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LP4OTLTN-16-H3RQ&gdpr=0
Request Chain 165
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4361217955105951063
Request Chain 166
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
Request Chain 168
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-TKirgLAiDv8nGOMjagfe4qFNFQt6FTng
Request Chain 169
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=2137512993614211217
Request Chain 171
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0
Request Chain 172
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzU0NjNDRjItODUxMS00QTgxLUI1RTktMjcyNjRDMjY0M0RG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfDVgNSdUx20TTR8w44x3Q&google_cver=1
Request Chain 174
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Request Chain 176
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=8dfccedd-668a-44ee-b95e-d349fc17fa76&google_hm=OGRmY2NlZGQtNjY4YS00NGVlLWI5NWUtZDM0OWZjMTdmYTc2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEP13W5WudPPBdydCVH1C1eQ&google_cver=1&ssp=onetag&bsw_param=8dfccedd-668a-44ee-b95e-d349fc17fa76 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
Request Chain 177
  • https://ad.mox.tv/delivery/sync?userid=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0&p_id=5
Request Chain 200
  • https://pr-bh.ybp.yahoo.com/sync/taboola/26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
Request Chain 212
  • https://pr-bh.ybp.yahoo.com/sync/taboola/26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
Request Chain 215
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 216
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/5e7a7e5e-e66c-3875-b259-daff7646a659?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-F5yJpkhE2oXh2HK91UFE8O_x6R.XO2K66aU1yac-~A&redirect=
Request Chain 257
  • https://a.c.appier.net/gcm?google_gid=CAESEFiwSgqEVaPQuJEYd6Fuh1g&google_cver=1&google_push=AXcoOmSos4IXfR8_O6q5FViZaJGNwyn2FkfWrJH5NtT-1FexnJYvZHmNEY5baRGhjQrzP1S7d-aN6AngXo4bazRK0TjoHy8GHNGu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=M09BbUN5UENCQW1ZOW1UeFlrcFpaUQ%3D%3D&google_push=AXcoOmSos4IXfR8_O6q5FViZaJGNwyn2FkfWrJH5NtT-1FexnJYvZHmNEY5baRGhjQrzP1S7d-aN6AngXo4bazRK0TjoHy8GHNGu
Request Chain 258
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELCpk5Jvw_FgYfGaYykI2P0&google_cver=1&google_push=AXcoOmThZ_m7v-twUL07tK1qUu5fFOMzMTPuoViNEl4ClDHnT6rH7VjOQtgSkepKj18s2tyGDoMj-JVqAf8rdo7M3iV1jTZ0K6kkfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmThZ_m7v-twUL07tK1qUu5fFOMzMTPuoViNEl4ClDHnT6rH7VjOQtgSkepKj18s2tyGDoMj-JVqAf8rdo7M3iV1jTZ0K6kkfw&google_hm=eS1xUy5LVlZ4RTJwR0FVRllZR1FzWmtaZHV5V05xV2FMQn5B
Request Chain 259
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDZqQ6DCVBHhuGSoyyODT1s&google_cver=1&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBgA HTTP 302
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEDZqQ6DCVBHhuGSoyyODT1s&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBgA&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBgA&google_hm=jy4oVnQ5y2skkjc-skhzLA==
Request Chain 260
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEy60tWr9Y34_tl6gT048P8&google_cver=1&google_push=AXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700350562270 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA%26google_hm%3DAyKuCLPw0UYgh7RD-FijYlk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA&google_hm=AyKuCLPw0UYgh7RD-FijYlk
Request Chain 261
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHDFgLSzgGkMX0kzydlWLNY&google_cver=1&google_push=AXcoOmRITYYVOZcfsJJw7MrzfiM1uR-29HPuWvMEf23y-xGroFwYn4vYuY02rqOOugZXXiw0YFUmOhtSWdTtQKopd4NM0D0l-4-7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRITYYVOZcfsJJw7MrzfiM1uR-29HPuWvMEf23y-xGroFwYn4vYuY02rqOOugZXXiw0YFUmOhtSWdTtQKopd4NM0D0l-4-7&google_hm=WlZsS1k4Q284WDRBQVBzUy5QZ0FBQUFB
Request Chain 262
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECfDVgNSdUx20TTR8w44x3Q&google_cver=1&google_push=AXcoOmT6kUYCVwQx0us92C7krWZ_KUPKS20ASHj-IcNiGWJfZzTfUs-0e7FQGLhM1D6JuBTojvAen9C7gWOcoKpCA5paE6yVrRG-lg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-TKjvDfai8wWknAXqvCxSwO6BIlHJulcw&google_push=AXcoOmT6kUYCVwQx0us92C7krWZ_KUPKS20ASHj-IcNiGWJfZzTfUs-0e7FQGLhM1D6JuBTojvAen9C7gWOcoKpCA5paE6yVrRG-lg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 263
  • https://an.yandex.ru/mapuid/google/CAESEN0n2wpquWIetm6BFGfyPIQ?ext-param=AXcoOmRmWhfygZ-xGF2hKErxPLMnCb6PEF0JG3ihUuXRdGhK9KoYfqawar-NlQjhPQnzkjjmC9oG7Fv8KWAjTNi-5eO376jlB73L4w&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEN0n2wpquWIetm6BFGfyPIQ?redir-setuniq=1&ext-param=AXcoOmRmWhfygZ-xGF2hKErxPLMnCb6PEF0JG3ihUuXRdGhK9KoYfqawar-NlQjhPQnzkjjmC9oG7Fv8KWAjTNi-5eO376jlB73L4w&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEN0n2wpquWIetm6BFGfyPIQ&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
Request Chain 301
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVlKYixMYebMuplBAlkvygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
Request Chain 304
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVlKYqCSXzBvE02eIQk4qQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
Request Chain 306
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP4OTLUF-G-2PUA HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP4OTLUF-G-2PUA
Request Chain 330
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DyDxDf2bSF-iTNCTDGKzRg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DyDxDf2bSF-iTNCTDGKzRg
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECty2u0JtOhcTgDxZ3A9sjM&google_cver=1
Request Chain 332
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTE0OWEwMmZmMTVjY2I3MGI3YzRkYjBkZDkwOGEyNmZhNGQ0ZWE3Zg
Request Chain 333
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP4OTLUF-G-2PUA
Request Chain 334
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA0T1RMVUYtRy0yUFVB HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOwRQGLbovWMvvS6HDXrg4c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=
Request Chain 335
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP4OTLUF-G-2PUA&ex=d-rubiconproject.com&status=ok
Request Chain 336
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S6FAUVpgS4SIBc9VZfq4NA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S6FAUVpgS4SIBc9VZfq4NA
Request Chain 339
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAILm07KspUAABPKNXVjKQ&expires=30
Request Chain 340
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP4OTLUF-G-2PUA&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP4OTLUF-G-2PUA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LP4OTLUF-G-2PUA
Request Chain 342
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP4OTLUF-G-2PUA HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP4OTLUF-G-2PUA
Request Chain 343
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP4OTLUF-G-2PUA
Request Chain 344
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP4OTLUF-G-2PUA&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP4OTLUF-G-2PUA&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1YZGFJSGc1RTJ1RURUNXBsYldIM0hCRlZQR2xSc2RTYn5B&ovsid=LP4OTLUF-G-2PUA&dpid=58160
Request Chain 345
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP4OTLUF-G-2PUA
Request Chain 358
  • https://um.simpli.fi/gp_match?google_gid=CAESELA1seJ_SmQJWEIAWfla1Q8&google_cver=1&google_push=AXcoOmS4_MqH6Xim1Beqz9casr9B1Jcnn1OWLRDTmbmzhDMygj1y1izHerzfpao3cIPlNOiDo4ze5rDXZe-TQTOV7qPNuFiR5C7L-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E8792D6D8EDA461797697F729A7C99E1&google_push=AXcoOmS4_MqH6Xim1Beqz9casr9B1Jcnn1OWLRDTmbmzhDMygj1y1izHerzfpao3cIPlNOiDo4ze5rDXZe-TQTOV7qPNuFiR5C7L-w
Request Chain 359
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBZIljeOLRHVX0kP1qvhqE8&google_cver=1&google_push=AXcoOmQ3pwcp5lmkXl33fAw8pn-zlbAG-r0qnw_pGsZAxXYwWFIo7vCUn7HU8-64bSAOsTJX9wxjtgsfbrMSn9pfkOM0_WUNWQxThw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzcyNDY5OA%3D%3D&google_push=AXcoOmQ3pwcp5lmkXl33fAw8pn-zlbAG-r0qnw_pGsZAxXYwWFIo7vCUn7HU8-64bSAOsTJX9wxjtgsfbrMSn9pfkOM0_WUNWQxThw
Request Chain 360
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEC4ZwIXTFjhMabyRU-GUsv8&google_cver=1&google_push=AXcoOmQ8Wv8eMpEHZaF8xl-ek24e8Lw8Kth-D_EOfEUe3EZAWzJIklfZRi35ccagA8KHB_fvhsd1lNx87I6pf_dDdEn0epFrrAXa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
Request Chain 361
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7BB0HmjCUIsFRhRIEXA38nZnzJSxA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7BB0HmjCUIsFRhRIEXA38nZnzJSxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4NTk0MTUxODA3MzA5NjkzMQ&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7BB0HmjCUIsFRhRIEXA38nZnzJSxA
Request Chain 362
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGBoHqT8dJIDhT6yqpOoC_Q&google_cver=1&google_push=AXcoOmS41dnRdKx_dN9pywr-zOBMIxvTrFYpV5-cxy5jEltrg6808b7UioPag-X7hubUBkMyGxqI65Ht_NLBIzZdnHlBB2eihFIl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmS41dnRdKx_dN9pywr-zOBMIxvTrFYpV5-cxy5jEltrg6808b7UioPag-X7hubUBkMyGxqI65Ht_NLBIzZdnHlBB2eihFIl&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw%3D%3D
Request Chain 365
  • https://um.simpli.fi/gp_match?google_gid=CAESELA1seJ_SmQJWEIAWfla1Q8&google_cver=1&google_push=AXcoOmSx2zR4z08QorBeoSgK7LnG3Ma0pMcQ-n5cEfEYaXw2JJB-8QAhHMTsisIMTjjWRTIaLDwDh3C8KxwFa_Ccitk22CIKu4LS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D485EB1861E442CB9A5C2E3920010CC8&google_push=AXcoOmSx2zR4z08QorBeoSgK7LnG3Ma0pMcQ-n5cEfEYaXw2JJB-8QAhHMTsisIMTjjWRTIaLDwDh3C8KxwFa_Ccitk22CIKu4LS
Request Chain 366
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBZIljeOLRHVX0kP1qvhqE8&google_cver=1&google_push=AXcoOmQ_t4RrSVt-k1H-ELXrJyMzGKUGFAsiwcFtedag62gPhYi0pMhf6-XctZUvGMCyw1eXFdm6vLLGCTCx-DvGU7c0iwr_b9M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzkyMTI5OQ%3D%3D&google_push=AXcoOmQ_t4RrSVt-k1H-ELXrJyMzGKUGFAsiwcFtedag62gPhYi0pMhf6-XctZUvGMCyw1eXFdm6vLLGCTCx-DvGU7c0iwr_b9M
Request Chain 367
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEC4ZwIXTFjhMabyRU-GUsv8&google_cver=1&google_push=AXcoOmTBQogOmoGqLqM6FAxHRIBS5cjt9yBlLYADKJ-4YzfKoIYYQx1OXqh2FIOo85SfhpzH4EvL4e-xkb-2Q8H4yY1cCEVvsCoV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
Request Chain 368
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4-0adXqXLjTCoA-9_LTf2iF35n HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4-0adXqXLjTCoA-9_LTf2iF35n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQwNzg2OTg1OTQzMDU3MjgxMg&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4-0adXqXLjTCoA-9_LTf2iF35n
Request Chain 369
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGBoHqT8dJIDhT6yqpOoC_Q&google_cver=1&google_push=AXcoOmTJNgxNEAbCv8bnyEaWDuRS6hAMUgxDEQ4bahBMqDm_aXwT7mbB0GlCONlhgYtmbNZF-qWDw0sYIRbSnUNAwaaNzyk3yv8J HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTJNgxNEAbCv8bnyEaWDuRS6hAMUgxDEQ4bahBMqDm_aXwT7mbB0GlCONlhgYtmbNZF-qWDw0sYIRbSnUNAwaaNzyk3yv8J&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw%3D%3D
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEA6U77NI2qvvbf-imkkpbB4&google_cver=1
Request Chain 380
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVlKYixMYebMuplBAlkvygAA%265190&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVlKYixMYebMuplBAlkvygAA%265190&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=28f86352f570410680bbd6c54dd0de68 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 381
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 382
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 383
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=L37kLeNK1R4uR55
Request Chain 384
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4130517591434833021
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMjhGHizLUyGILELBgEilxQ&google_cver=1
Request Chain 401
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxMjQ4MTM3MzY1MDI3MTc1Mw%3D%3D
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
Request Chain 403
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYwMWU4YjAtMmE2Yi0yNjY1LWUzNmMtZGE0ZWYwN2I3ODhi
Request Chain 436
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFkgJUwLV8-bbR4kkgna4KQ&google_cver=1&google_push=AXcoOmQZ3EBOe2-3BfPPTX1WYaqN0UaZR1P1Vh_9bixe6J5abtr46XjB7D1hTuQixiHXzSJQJOeMnsDrR872eHZlKX7azyHEqShFoCPou40Cj9cjYBrQ6qps4PUdDVxO5rUdYOT-nM9TswL9oIyGg2aNvH9p HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQZ3EBOe2-3BfPPTX1WYaqN0UaZR1P1Vh_9bixe6J5abtr46XjB7D1hTuQixiHXzSJQJOeMnsDrR872eHZlKX7azyHEqShFoCPou40Cj9cjYBrQ6qps4PUdDVxO5rUdYOT-nM9TswL9oIyGg2aNvH9p&google_hm=jfzO3WaKRO65XtNJ_Bf6dg==
Request Chain 438
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHYWuCv3uLMO2eJp5jkIZWc&google_cver=1&google_push=AXcoOmS2I_jl_j0jJj_SB8_UQ0OjwRYi1-eOdqKItSz7IcGvV9T66fxHBKqwEog3RuJ7qVIWt49KnrR28HNTbcFkcCdp3Nq3TiIaKmnBsrYMKq3qlKff54qhXnMoy2kFeMCLxoIYwrQdkeMPkJ54Jw6mZPy7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TL1JPcKpWDx4iKgRhMZumx-kP1Y&google_push=AXcoOmS2I_jl_j0jJj_SB8_UQ0OjwRYi1-eOdqKItSz7IcGvV9T66fxHBKqwEog3RuJ7qVIWt49KnrR28HNTbcFkcCdp3Nq3TiIaKmnBsrYMKq3qlKff54qhXnMoy2kFeMCLxoIYwrQdkeMPkJ54Jw6mZPy7
Request Chain 439
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOwRQGLbovWMvvS6HDXrg4c&google_cver=1&google_push=AXcoOmSu3Usw1UAeJORmoBUZB-gSSde_wJIRuXsIKk6D33N701wCdFPFYdsFynOJaPrhNxfoRjnyDSKJY9cNyCeiEwJBKiGi47xP732LUjrS967_Hi6wmKFVvDkEG7EL8JVwiqaGDrId_fKQjdj56jcMPM9X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=AXcoOmSu3Usw1UAeJORmoBUZB-gSSde_wJIRuXsIKk6D33N701wCdFPFYdsFynOJaPrhNxfoRjnyDSKJY9cNyCeiEwJBKiGi47xP732LUjrS967_Hi6wmKFVvDkEG7EL8JVwiqaGDrId_fKQjdj56jcMPM9X
Request Chain 440
  • https://match.360yield.com/match/ebda?google_gid=CAESEHKKQU17KEa_2BDy-YkOz-Q&google_cver=1&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiBdsMq76DL8-qonoQhMS_4BCKWVhBRd_yBTnZSWjNNx-wlqcJgjZtOCW-ut2fw8p8ckdmop HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHKKQU17KEa_2BDy-YkOz-Q&google_cver=1&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiBdsMq76DL8-qonoQhMS_4BCKWVhBRd_yBTnZSWjNNx-wlqcJgjZtOCW-ut2fw8p8ckdmop HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=enQq9fIzQ1-oKIOyKOg63w&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiBdsMq76DL8-qonoQhMS_4BCKWVhBRd_yBTnZSWjNNx-wlqcJgjZtOCW-ut2fw8p8ckdmop
Request Chain 441
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFidyT1tA_3UzzlFTROX8ok&google_cver=1&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_Id9-ntMV8neuR0C92QzqxEmnXCwfQZ6Cr3lfcLNRuRcZ7nos5OAc6rwAYOPEXNBpbvRDTIab2Z0o5XOjUtlilM4ulmR744wkn2Wtb HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_Id9-ntMV8neuR0C92QzqxEmnXCwfQZ6Cr3lfcLNRuRcZ7nos5OAc6rwAYOPEXNBpbvRDTIab2Z0o5XOjUtlilM4ulmR744wkn2Wtb&google_gid=CAESEFidyT1tA_3UzzlFTROX8ok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA3ODAyMTYxNDk3MjQ0MTA4NTY2OA%3D%3D&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_Id9-ntMV8neuR0C92QzqxEmnXCwfQZ6Cr3lfcLNRuRcZ7nos5OAc6rwAYOPEXNBpbvRDTIab2Z0o5XOjUtlilM4ulmR744wkn2Wtb
Request Chain 471
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EaHVHhP11hYK8NVGF6bNREL1hhUKodgeFPafKb48
Request Chain 472
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1407869859430572812
Request Chain 476
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
Request Chain 483
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 488
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7912481373650271753
Request Chain 489
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HreopRZH2MxDdztuQ36MVDKJ
Request Chain 491
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6631158481 HTTP 302
  • https://sync.1rx.io/usersync/turn/4130517591434833021?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-22ae08b3-f0d1-4620-87b4-43f858a36259-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003
Request Chain 492
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210828214939098
Request Chain 493
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=e3ee8dd5-862a-4724-9f50-268fcdbab9f3
Request Chain 494
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 495
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Request Chain 496
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-aa4f771b-045b-3186-8546-192d8f7763c6&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYyAiIdOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYyAiIdOAE= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYyAiIdOAI=%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=29&buyeruid=tgyFQHDwdN34&r=Cid1YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYyAiIdOAI=&gdpr=&gdpr_consent=&ev=1&us_privacy=&pid=562894 HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-aa4f771b-045b-3186-8546-192d8f7763c6
Request Chain 497
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Request Chain 499
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 502
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/2137512993614211217
Request Chain 504
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LP4OTLUF-G-2PUA&gdpr=0
Request Chain 507
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJexMONvz0N-CuyApZASTg&google_cver=1
Request Chain 508
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Request Chain 510
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e0b8254e-28a9-4723-81aa-4f41505f2a4c&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
Request Chain 513
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw==&gdpr=0&gdpr_consent=
Request Chain 514
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b185c02e30
Request Chain 515
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09d12204009edc3a9589dae6&gdpr=0&gdpr_consent=
Request Chain 517
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7912481373650271753
Request Chain 519
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP4OTLUF-G-2PUA?gdpr=0
Request Chain 524
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/7a742af5-f233-435f-a828-83b228e83adf&partner_id=1010
Request Chain 526
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7912481373650271753
Request Chain 527
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a9978468-4136-4c7a-8a8c-b821809d5a96&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=893596e3-ebcc-4ae5-b5ce-59208add6eed&expires=1&user_group=2&ssp=gumgum2&bsw_param=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 528
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=74539f0a-cb09-4097-91f7-901af2c9b7ad
Request Chain 529
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4cbd493d-c2a9-583c-7888-a81184c66e9b$ip$31.164.63.86
Request Chain 530
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-FCXA2hZE2pcitwqcGl6C1HQ6GsZu8.HcQ1nC~A
Request Chain 531
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f002763b-bff0-42e6-a652-375ee26c26fb
Request Chain 533
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a9978468-4136-4c7a-8a8c-b821809d5a96&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_a9978468-4136-4c7a-8a8c-b821809d5a96&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=kGaQ4qF6KBrZ2e8WsNCv&gdpr=0&us_privacy=1---
Request Chain 534
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=tgyFQHDwdN34&ev=1&pid=558355
Request Chain 535
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2137512993614211217
Request Chain 538
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/2624f9ec-d379-465f-b0f9-471b44251e99
Request Chain 540
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=1407869859430572812&gdpr=0&gdpr_consent=
Request Chain 544
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVlKY8Co8X4AAPsS.PgAAAAA
Request Chain 545
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0&pi=gumgum&tc=1
Request Chain 546
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 548
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP4OTLUF-G-2PUA HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LP4OTLUF-G-2PUA
Request Chain 549
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1407869859430572812
Request Chain 552
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 556
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0?pi=smilewanted
Request Chain 558
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
Request Chain 559
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 562
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=846f10bf61a5b70cf597361d640a89e1
Request Chain 563
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a37d97e-9c8e-4795-8e14-99007a9a3c0e
Request Chain 564
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 566
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 568
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4078021614972441085668
Request Chain 573
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2CKnV9p2pF_Dc6cP3iW_DYt29FzDIqpX3XVpOJEO HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 574
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7912481373650271753&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 575
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302950059823921299&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 576
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TL1JPcKpWDx4iKgRhMZumx-kP1Y&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 577
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=cb3b0366-05e3-4995-8e60-308c57af4b83&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 578
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJTG0wN0tzcFVBQUJQS05YVmpLUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAILm07KspUAABPKNXVjKQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2137512993614211217&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAILm07KspUAABPKNXVjKQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2137512993614211217%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2137512993614211217&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAILm07KspUAABPKNXVjKQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAILm07KspUAABPKNXVjKQ&gdpr=0&gdpr_consent=
Request Chain 579
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUffea1325252341f4a2847df96a8bccc0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 580
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 581
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVlKZQAAqr172ABU
Request Chain 582
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 585
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6785042868299480284
Request Chain 586
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210828214939098 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 590
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 592
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xUY88oURSoG16ScmTCZD3w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 593
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=&ct=y
Request Chain 594
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1483720727
Request Chain 595
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDVjbzlhdjRHTERRYVNGeXdnLTZ1aUNLZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1407869859430572812&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 597
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1407869859430572812 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 599
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0xo9EENE2uV8ap.bxcFKpCIUpi_5j.U-~A&gdpr=0
Request Chain 601
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0f9adfcf-e87e-460f-b9ad-5f7cafba38d8-65594a65-4348&gdpr=0&gdpr_consent=
Request Chain 602
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7322cb7e804d1680&is_secure=true&networkId=17100&version=1&nuid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHqouGtI4QdgNDdFnMAAAAAAA&expiration=1700436966&nuid=C5463CF2-8511-4A81-B5E9-27264C2643DF&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 603
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4130517591434833021&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 604
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6c2a13ba-ccce-4db1-b58c-cb05cf0958b3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Request Chain 612
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP4OTLUF-G-2PUA HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LP4OTLUF-G-2PUA
Request Chain 654
  • https://redirector.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/ip,ipbits,expire,id,itag,source/signature/5537E6BA8564AE394883924173F5284681E5AA62.7FE94153E4F4559AAE2CD9B8B95F1CAC51C3DFD1/key/ck2/file/file.flv HTTP 302
  • https://r2---sn-1gi7znek.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B028ED6E7347612634E460DBF18CE4CB9D37E04.07D8EEAC7D3AD9DEF699EEB09ED792547F17FC59/key/cms1/cms_redirect/yes/mh/9f/mip/31.164.63.86/mm/28/mn/sn-1gi7znek/ms/nvh/mt/1700350342/mv/m/mvi/2/pl/15/file/file.flv
Request Chain 658
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=02efd0e7be4ad52e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaXnMQanThnWgQVXn%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=b42411558eb6cc58e7e7aeca5e1efa25&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaXnMQanThnWgQVXn%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaXnMQanThnWgQVXn&gdpr=0&gdpr_consent=
Request Chain 660
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E8792D6D8EDA461797697F729A7C99E1&gdpr=0&gdpr_consent=
Request Chain 661
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8419406205
Request Chain 664
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C5463CF2-8511-4A81-B5E9-27264C2643DF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C5463CF2-8511-4A81-B5E9-27264C2643DF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 665
  • https://pixel.onaudience.com/?partner=214&mapped=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8583faeb368b46f6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b42411558eb6cc58e7e7aeca5e1efa25&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

698 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
www.bg3.co/a/ 		58 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
be5b88e3780a469273b0b219bafd9f7952ff699980e266bc7760f7a655ca1ac0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:35:58 GMT
etag
"e999-0RkAYzr+BdEYC4wDK/AETYHTk38"
expires
Sat, 18 Nov 2023 23:36:58 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 23:35:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 Nov 2023 23:35:59 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 23:35:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 Nov 2023 23:35:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5d969b136a91492e3adc24c8e617d5bb0febc363b6596b03d24c9c309d3b66de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31448
x-xss-protection
0
server
cafe
etag
785 / 19679 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:35:59 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7772ea94f26e103786fe2b02699df808d912411a9a998348251532d9f49ca102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91439
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 23:35:59 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 12:16:54 GMT
server
cloudflare
age
6724
etag
W/"655759b6-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
828408727d2d6fa0-CDG
expires
Sun, 19 Nov 2023 09:43:55 GMT
adRecover.js
delivery.adrecover.com/43519/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
8b6f510c76d49c6b1f3ce31698a30b4ae9aa10b553c3c8306de4366eb42e012c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
age
54095
x-cache
HIT
x-client-device
desktop
content-length
11412
x-ap-device
DESKTOP
last-modified
Sat, 18 Nov 2023 07:59:31 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Sun, 19 Nov 2023 00:35:59 GMT
adpushup.js
cdn.adpushup.com/42753/ 		758 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
71f4499efa56831796e734d4e39cbc3943f9cc94d43498ae41b4cf7a85c15583

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
age
64889
x-cache
HIT
x-client-device
desktop
content-length
159658
x-ap-device
DESKTOP
last-modified
Fri, 17 Nov 2023 23:49:13 GMT
server
ECAcc (frc/4CC5)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Sun, 19 Nov 2023 00:35:59 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f32ec7a452af020a426f77bb326ece4e42276a194b650aedd1287ee054fda884

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KUWczeTzdo6sr4mnjSRd0RN7yEgLl3Bu
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:35:59 GMT
x-amz-request-id
9F1TAQM43PN6TW0B
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
56768
x-amz-id-2
BDcRhlBX9d1sdvlhOevbesM0Ubn15pnoe7a1s/eDd83U064QNz+CBeewvmup6sXCoXdvz1kdTsI=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 11:45:45 GMT
server
AmazonS3
x-timer
S1700350559.133005,VS0,VE105
etag
"9723a2eed02dc84d9d9896aba7dd77f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11926
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuRIAYsWh%2FywoYLhoA5kB96QtaDz%2FNQVgDEn9ZVRpRc0Ms1hauUYk3%2FDy3ZCMs7OUJqwsuJ8AfApFDAwXhQuS9e%2FQxJXHpApr5oxkZkTyuWCuxxf8JrJ%2BUh6rzFqPNGuiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
828408798b0d2299-CDG

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
t.php
c.statcounter.com/ 		192 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=54F84D3B83BB4F9641590955F7EE80B9&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&t=%E8%B6%B3%E7%90%83%EF%BC%8F%E4%B8%AD%E8%8F%AF%E5%A5%B3%E8%B6%B3%E7%99%BD%E6%B7%A8%E6%AD%A3%E5%A6%B9%E6%9E%97%E5%8B%BB%E3%80%80%E7%B5%90%E6%9D%9F%E5%85%A8%E5%B9%B4%E6%AF%94%E8%B3%BD%E5%B1%95%E9%96%8B%E8%AE%8A%E7%99%BC%E7%BE%8E%E7%99%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=3017&sc_rum_e_e=3022&sc_rum_f_s=0&sc_rum_f_e=3015&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
828408734dc56fa0-CDG
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5548356
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-ams21072-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700350560.741983,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4539, 17238
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5112460
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-ams21072-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700350560.741948,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
197788, 1092254
Q0hfREVTS1RPUA==.json
cdn.adpushup.com/fpe/42753/MAN_Data/ 		555 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 19 Nov 2023 00:35:59 GMT
date
Sat, 18 Nov 2023 23:34:56 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
x-client-device
desktop
x-client-geo
CH
impl.20231116-8-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_kI5ttVDhCqEeGHhZcRo5bvH1ylz9ugV
content-encoding
br
via
1.1 varnish
date
Sat, 18 Nov 2023 23:35:59 GMT
x-amz-request-id
9963MWMVKCYA689D
age
17497
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173608
x-amz-id-2
RepLC4XcZBzwgV2OaQV6HhYXWCe8df6Vd9ROcN/71lV0iIfxy0MnNzf94fb34lwi8XVCN8yTonA=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:43:36 GMT
server
AmazonS3-br
x-timer
S1700350559.416034,VS0,VE0
etag
"1197218d03012ab8adb967e77a22c1b6"
vary
Accept-Encoding
content-type
application/javascript
abp
60
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
10489
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
221384
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		72 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=00%3A35%3A59.520&lti=deflated&data=%7B%22id%22%3A415%2C%22ii%22%3A%22%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700135136150%2C%22vi%22%3A1700350559518%2C%22cv%22%3A%2220231116-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html%22%2C%22vpi%22%3A%22%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3406%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1881.59375%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f8ff286cc05de380ef5e52adca8bcc56296b8b9cca3a33415cd7b435e953246

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
280
date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.38625
x-fastly-to-nlb-rtt
69563
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21081-AMS
x-log-content-encoding
gzip
server
nginx
x-timer
S1700350560.559992,VS0,VE280
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:19:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
44213
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 17 Nov 2024 11:19:06 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700350558957&gcd=11l1l1l1l1&dma=0&cid=1109969163.1700350560&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700350559&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=%E8%B6%B3%E7%90%83%EF%BC%8F%E4%B8%AD%E8%8F%AF%E5%A5%B3%E8%B6%B3%E7%99%BD%E6%B7%A8%E6%AD%A3%E5%A6%B9%E6%9E%97%E5%8B%BB%E3%80%80%E7%B5%90%E6%9D%9F%E5%85%A8%E5%B9%B4%E6%AF%94%E8%B3%BD%E5%B1%95%E9%96%8B%E8%AE%8A%E7%99%BC%E7%BE%8E%E7%99%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3488
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc8a1063d273779a17657e5445f32afc.jpg
static.bg3.co/imgs/202105/ 		0
0
f316c1d713b30e6d3aca8ccc2ef8e164.jpg
static.bg3.co/imgs/202105/ 		0
0
2ffe0ed51fd79314720eb84fab353c8b.jpg
static.bg3.co/imgs/202105/ 		0
0
ff43b41857dcfe34d37815fcd9a7f8f8.jpg
static.bg3.co/imgs/202105/ 		0
0
702234c41c010004588192f9d548cba8.jpg
static.bg3.co/imgs/202105/ 		0
0
4b653fd25dc60dffec7cceb415d77872.jpg
static.bg3.co/imgs/202105/ 		0
0
828fbdec815f16b15e120e0c8ed1bc43.jpg
static.bg3.co/imgs/202106/ 		0
0
b9e639c9ef34fa1714511130290104c9.jpg
static.bg3.co/imgs/202105/ 		0
0
ea008fd02ea133e958bf9a2f647c5f85.jpg
static.bg3.co/imgs/202309/ 		0
0
4a6edf5c6a7c53fa24469216fc8ae1a9.jpg
static.bg3.co/imgs/202105/ 		0
0
369dd9b2a275f5c47b102f94afe5e5f4.jpg
static.bg3.co/imgs/202105/ 		0
0
237d978c06c1da88a079c0b6b045f2b6.jpg
static.bg3.co/imgs/202106/ 		0
0
0344692d844da5872c5ea6d711fd7fa7.jpg
static.bg3.co/imgs/202106/ 		0
0
8cbbed58efd28dea3f035a90496d4bf6.jpg
static.bg3.co/imgs/202107/ 		0
0
4053c2e55e3d26f8411f674d5546dd3f.jpg
static.bg3.co/imgs/202304/ 		0
0
10d1cf0befe78f5c630a56a4cc3789af.jpg
static.bg3.co/imgs/202105/ 		0
0
0b1e2b4b8503f3dd266705dd14231790.jpg
static.bg3.co/imgs/202206/ 		0
0
fb3d5719b3f575a8ac0a00e9a923b1ab.jpg
static.bg3.co/imgs/202105/ 		0
0
c29411f03727f2eb139f98bc632f2a41.jpg
static.bg3.co/imgs/202106/ 		0
0
276f227142f99370e51d46383c7dccda.jpg
static.bg3.co/imgs/202112/ 		0
0
063cfc75cfce20d93fe3faec5ec5086a.jpg
static.bg3.co/imgs/202309/ 		0
0
dbf6d25a1ded6199488e5c8c2a7dde3a.jpg
static.bg3.co/imgs/202106/ 		0
0
99c3ea184d779be2d2c2e0105f07a057.jpg
static.bg3.co/imgs/202309/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 Nov 2023 05:32:45 GMT
age
64995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Nov 2024 05:32:45 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 04:39:45 GMT
age
154575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 04:39:45 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3233266139808311&correlator=2860769816293053&eid=31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700350559760&lmt=1700350559&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1109969163.1700350560&ga_sid=1700350560&ga_hid=60617859&ga_fc=true&dlt=1700350558930&idt=805&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f5b7aeebf91f7bb4be867ba6dfcc9be0c655baae5ac3a9702dcdde051bfb50bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12874
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC56 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:00 GMT
expires
Sun, 17 Nov 2024 23:36:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489A) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
age
1342337
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (ama/489A)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 23:35:59 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
age
8613381
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 23:35:59 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-35.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sat, 18 Nov 2023 23:35:59 GMT
content-encoding
br
age
5645096
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 23:35:59 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAzNTA1NTk4NjUsInBhY2tldElkIjoiMDAwMEE3MDEtMmIxZmI2ZTAtY2NhYS00Y2M5LThhZDItMTBmZjBkN2JmODRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3p1LXFpdS16aG9uZy1odWEtbnUtenUtYmFpLWppbmctemhlbmctbWVpLWxpbi15dW4tamllLXNodS1xdWFuLW5pYW4tYmktc2FpLXpoYW4ta2FpLWJpYW4tZmEtbWVpLWJhaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=3719.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
floating-unit.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
993a112fed28aebb10e2297da40f97e06e693040bebdfd6afcd6077e83b558c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mH3pVv6.G9B8LLY8QAMbOC68v4qmDL3z
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
3DAZHGF5EFTMK04A
age
219056
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2493
x-amz-id-2
7wZsEuzLvqdeRc+3IHXNOe5557PgwBXBdUBEvSRnMNAB371zPyuKZXsCh/wRzv8idttu8vdK+k0=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:43:54 GMT
server
AmazonS3
x-timer
S1700350560.013947,VS0,VE0
etag
"2305f087a0c9d2ee2d24d0285d8191d4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6670
taboola-vignette-new-scanning.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b98e49c162c8631d0e2798d2664e4d82671939ee4f231e644af185f5770195c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7eu5PykIh9mAQTEh.T8f_OeLmprFn.mz
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
N7KB61DWWWVBGFC7
age
218972
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8019
x-amz-id-2
iO9btdo03u4DB/gyZiQRUG2Pb8P3kkGPrZwKds2Cny3knR9xqJz85iPSDLNf89lu//lUwA4FNws=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:43:34 GMT
server
AmazonS3
x-timer
S1700350560.040074,VS0,VE0
etag
"2b51cbae4d4dc51af812ae527452faa2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3040
distance-from-article.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U1od7zFn.E3CrGutJ0uTEJm7AoMMR7dZ
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
D1PTDK76FPNWDAWM
age
219069
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
65IdpQH3cyS+yul3ctYS2RCtlZQ8iQw/RigaVDbk1kUR4XWOIQj2HptlG+WZQ6pg
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:44:04 GMT
server
AmazonS3
x-timer
S1700350560.067568,VS0,VE0
etag
"efa6760390ae7acf98dc5d392f96a63a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
92987
article-detection.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
w.KPU407iD4toCcejeuMXCyx6pJjTU8_
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
D1PGZ67B6C708E4C
age
219069
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
fvE7PmMm/xf/DQv/8j6O8clp8OLrG7ZGJUfOW72X8diBESamGIdpgQZ02S5YNfMHCpQN7FyMabM=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:44:12 GMT
server
AmazonS3
x-timer
S1700350560.067557,VS0,VE0
etag
"e8a34824a44d39e9d49b93d0c2e34a81"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
70
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
92974
article-and-feed-area-scanner.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f26a6335eb65f06b02fab1310f0e5b5e1fe82c60501d92865a59511de67d4cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2DITHSqrjAKsG6xzdgDg.3UUfh8KtbLV
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
EQPX6SDSXJR1WCTP
age
218952
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1149
x-amz-id-2
alIpk+QBngajxiny+khDzjXiKGq78OFhKpDYOKrbyb48zSTmY52XgeWQjbTxHW6dpOEv0OwQ5r8=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:44:16 GMT
server
AmazonS3
x-timer
S1700350560.067546,VS0,VE0
etag
"d7d90265a73dd43dc88e48861a71e81b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
77
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25982
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.7/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-P3
age
398539
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35262
x-served-by
cache-ams21030-AMS
last-modified
Tue, 14 Nov 2023 08:52:22 GMT
server
AmazonS3
x-timer
S1700350560.245156,VS0,VE0
etag
"acbf4feb7c49eb33282548b433b4476b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WZdn2izSsDBViDICX717mxGwsFB_PyiOG-ijjAcORAfqgxJRTsppbA==
x-cache-hits
1130
feed-card-placeholder.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dWmQPNr6R4sqfxHfo.2ROmBoVj1CnrRT
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
D1PNK0PVFT1PSSCG
age
219068
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1261
x-amz-id-2
ScC1r6DGutklEgRhF3FFRXunYoq375EqO+/0KiliRlQZCQ0QjipISwzZ2lYmlMt2bCO3LxrQAw0=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:43:59 GMT
server
AmazonS3
x-timer
S1700350560.067510,VS0,VE0
etag
"a106089876c08b590425b51ba81277ff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
77390
userx.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
X6PWjf0XKt3BYd3PuYnS8efzykFumCfC
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
C35V3Y8X6QCEZ0ZW
age
219099
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5397
x-amz-id-2
CB6LN/5MY1NIgGaD1fiUPVUHzKzdlJptjI8vr9eRgcPpCVKO6uN27klzILPuYdE3gPDo2Wqzgbc=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:43:31 GMT
server
AmazonS3
x-timer
S1700350560.093999,VS0,VE0
etag
"5ea2b7f5f7ca4d76996fc670b2ebc373"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11945
explore-more.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IbO7Zx6pA8T1_CyNANAESeFyxJwLLZ4H
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
D1PPECQTCJEZZFD1
age
219068
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
4mQ7Wf/weKhiusv6D7JJM3zSFcWBvOymYcY/U/U+Cg1+QRxgCui+Hli4hAqiiiJ6JkGscP0IA0c=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:44:01 GMT
server
AmazonS3
x-timer
S1700350560.093998,VS0,VE0
etag
"d7169d870c1ac2f73408c07cf1b991fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
40
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
34199
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=00%3A35%3A59.989&id=1971&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700350559991%7D&tim=00%3A35%3A59.991&id=3157&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700350559999%7D&tim=00%3A35%3A59.999&id=6720&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A36%3A00.053&id=4731&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
V0G1EBPYV6SP425M
age
45
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
3hanw2xIxptaGCmrtZaM17NcJ2gCzLc+KP3S76Zjb+dhRoovzjAl0PFIfCvOv1uJmY4m50fGQ3s=
x-served-by
cache-ams21081-AMS
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1700350560.122076,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
5
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8
ff2e8705c200356c0d620c0583ad934c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90b3887be71bc5b00eeac2fd26821aab1f5670bd1ecc0c02173652a8dfe8bc07

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
age
3787454
edge-cache-tag
617793361377345672083254441541444431545,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
617793361377345672083254441541444431545,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
408
expiration
expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.4-4-2.com/
content-length
51238
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200022-IAD, cache-iad-kcgs7200022-IAD, cache-lga21950-LGA, cache-iad-kjyo7100131-IAD, cache-ams21081-AMS
last-modified
Fri, 15 Sep 2023 16:41:12 GMT
server
nginx
surrogate-reporting
width=787,height=590,bytes=63678,owidth=787,oheight=590,obytes=667886
x-timer
S1700350560.149295,VS0,VE1
etag
"6d717c00124fae084113eb616cfe8cc7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 5, 1, 6, 1
ff2e8705c200356c0d620c0583ad934c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4621b135cf8e12f08c1b6101756c2eef99a2a7e639033bb89d2ffcf8104cfd2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
age
2102667
edge-cache-tag
617793361377345672083254441541444431545,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
617793361377345672083254441541444431545,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
325
expiration
expiry-date="Sat, 28 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.footmercato.net/
content-length
34438
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200036-IAD, cache-iad-kcgs7200036-IAD, cache-lax-kwhp1940059-LAX, cache-iad-kjyo7100076-IAD, cache-ams21081-AMS
last-modified
Wed, 27 Sep 2023 11:26:04 GMT
server
nginx
surrogate-reporting
width=787,height=393,bytes=43506,owidth=787,oheight=590,obytes=667886
x-timer
S1700350560.149271,VS0,VE1
etag
"7120deff07251a9da501e50223c81ee9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 9, 1
TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
874b4ba5f7a0cab9e4b2a6c6636c7db6224258d8fbab1fc3748712400d5cf118

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
age
915645
edge-cache-tag
439666436645367266907570445346586845480,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
439666436645367266907570445346586845480,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
368
req-referer
https://programmetv.ouest-france.fr/
content-length
6202
x-request-id
3bf4af6b21e6ea9aef4bb36d17aeaa31
x-backend-name
US_nlb102
x-served-by
cache-iad-kjyo7100030-IAD, cache-iad-kjyo7100044-IAD, cache-lga21957-LGA, cache-iad-kiad7000155-IAD, cache-ams21081-AMS
last-modified
Tue, 07 Nov 2023 13:54:34 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=11348,owidth=1111,oheight=695,obytes=88381
x-timer
S1700350560.149254,VS0,VE3
etag
"70913e6c82561d789c4eb2cc8c81d209"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 1
594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
463c22dc8c2d4a1be87d3c8c018d947db83778f737fc751b09786e2bb15098f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
age
2138620
edge-cache-tag
414442406602868598301845405230173776699,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
414442406602868598301845405230173776699,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
64
req-referer
https://www.werstreamt.es/
content-length
10890
x-request-id
fc4b83a10309fbf9e97ecbaf69601fa7
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200102-IAD, cache-iad-kiad7000133-IAD, cache-iad-kcgs7200040-IAD, cache-ams21081-AMS
last-modified
Sun, 08 Oct 2023 23:02:06 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=16026,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700350560.176194,VS0,VE1
etag
"62fd0b04b6800b3d86bda697925731cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 51, 1
c7a71b0b9ab0365fbabecec7080dc93b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90cc116fabb1aeb4791c3b6e963f2ae1e062a48562c472f77b900da776c311ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
age
5232337
edge-cache-tag
480919811498816728279671218586071676573,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
480919811498816728279671218586071676573,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
249
expiration
expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://iranianuk.com/
content-length
17756
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000106-IAD, cache-sna10746-LGB, cache-iad-kcgs7200027-IAD, cache-ams21081-AMS
last-modified
Mon, 18 Sep 2023 15:21:55 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=32874,owidth=1000,oheight=757,obytes=137306
x-timer
S1700350560.244075,VS0,VE1
etag
"1c4728914fafca9e2c973ebdc47c61ac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 54, 1, 3, 1
56003bf897d0721becdf6c8ccca277c9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/56003bf897d0721becdf6c8ccca277c9.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0bf88e55eb804baf10864876ea382243e9a54df8a75abff1e508cd8a8d166a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/56003bf897d0721becdf6c8ccca277c9.png
age
1389520
edge-cache-tag
295276405376649238062086530845248721616,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
295276405376649238062086530845248721616,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
54
expiration
expiry-date="Tue, 10 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
12032
x-backend-name
US_nlb102
x-served-by
cache-iad-kiad7000029-IAD, cache-iad-kiad7000029-IAD, cache-lga21946-LGA, cache-iad-kcgs7200165-IAD, cache-ams21081-AMS
last-modified
Sat, 09 Sep 2023 05:55:24 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=1024,oheight=676,obytes=714051
x-timer
S1700350560.244056,VS0,VE1
etag
"789ed5319b090309046398b49ec9e5d0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4, 0, 11, 1
ea372e19aa47038d78ca81944eddf1eb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea372e19aa47038d78ca81944eddf1eb.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93a0e06792b214641ec1b5af043cb732c0a25d1ccaeb442c10c85ee638673c82

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ea372e19aa47038d78ca81944eddf1eb.jpg
age
1027909
edge-cache-tag
619294844502118971543349613704895169311,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
619294844502118971543349613704895169311,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
60
expiration
expiry-date="Sat, 25 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.abendblatt.de/
content-length
14740
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200147-IAD, cache-iad-kjyo7100100-IAD, cache-lga21948-LGA, cache-iad-kjyo7100157-IAD, cache-ams21081-AMS
last-modified
Wed, 25 Oct 2023 09:07:04 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=21947,owidth=1200,oheight=720,obytes=991288
x-timer
S1700350560.244039,VS0,VE1
etag
"9d975904d525ab3c54b6618144fcb36e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 1
ff2e8705c200356c0d620c0583ad934c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c24786bb6e0044b707b2c070449f5e350dca9223b644d62be8b12270fd147071

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
age
1614744
edge-cache-tag
617793361377345672083254441541444431545,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
617793361377345672083254441541444431545,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
235
expiration
expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.abendblatt.de/
content-length
39714
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100037-IAD, cache-iad-kjyo7100037-IAD, cache-lga21940-LGA, cache-iad-kcgs7200123-IAD, cache-ams21081-AMS
last-modified
Fri, 15 Sep 2023 05:47:15 GMT
server
nginx
surrogate-reporting
width=787,height=437,bytes=48904,owidth=787,oheight=590,obytes=667886
x-timer
S1700350560.330871,VS0,VE1
etag
"24baa0ecbe4cb6d8b02c5380cb89c165"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 18, 1, 14, 1
c7a71b0b9ab0365fbabecec7080dc93b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d964ea04b3ae030749ca8d981748bc5a13171e59363ed99be1e57e758e90e8e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
age
2818993
edge-cache-tag
480919811498816728279671218586071676573,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
480919811498816728279671218586071676573,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
332
expiration
expiry-date="Sat, 14 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://motormag-weekly.com/
content-length
20450
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000138-IAD, cache-iad-kiad7000138-IAD, cache-sna10725-LGB, cache-iad-kcgs7200156-IAD, cache-ams21081-AMS
last-modified
Wed, 13 Sep 2023 11:01:55 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=36559,owidth=1000,oheight=757,obytes=137306
x-timer
S1700350560.379188,VS0,VE1
etag
"e8aee6a787197c7ca384eff4e1f97542"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 36, 1, 28, 1
TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99e153fa13b756ee34fe31561a2df595d42548d16627798a11db683e166f84bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
age
916942
edge-cache-tag
439666436645367266907570445346586845480,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
439666436645367266907570445346586845480,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
1173
req-referer
https://www.t-online.de/
content-length
23598
x-request-id
0d68e7957e35588af12ac6742bf35a5f
x-backend-name
US_nlb105
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kjyo7100113-IAD, cache-ewr18169-EWR, cache-iad-kjyo7100078-IAD, cache-ams21081-AMS
last-modified
Tue, 07 Nov 2023 13:54:34 GMT
server
nginx
surrogate-reporting
width=1111,height=617,bytes=49710,owidth=1111,oheight=695,obytes=88381
x-timer
S1700350560.379148,VS0,VE2
etag
"5584a358e0769fa1a20af334b6c49ec4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 9, 1
594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
age
2195765
edge-cache-tag
414442406602868598301845405230173776699,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
414442406602868598301845405230173776699,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
106
expiration
expiry-date="Fri, 17 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.noen.at/
content-length
33638
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200084-IAD, cache-iad-kcgs7200046-IAD, cache-ewr18154-EWR, cache-iad-kjyo7100020-IAD, cache-ams21081-AMS
last-modified
Tue, 17 Oct 2023 04:49:19 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=48351,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700350560.379127,VS0,VE0
etag
"3bb4cf0d908a96cab5dd4873ba3cea84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 2
view
securepubads.g.doubleclick.net/pcs/ Frame 7D85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQnQJRy-5b3l3mbJ1QL5isea3Sah7DqkLk-UhnnCRO4JxkEIzMqoSwTLjU5HQLCbSfCzDsQCujZRKXpRqDQD85HrWBKwSF_Q8sq8wmzjM2I8SMdWRgU-pUfHAEmSnRroozoMvL8GdCHogvZFUAndyE2mOVULd686VoHEkRyZWfnnzH3tPLZ6SWLifrXBLTZJt50dJE8wPXbsLKL0nzGE6AXj-hiG0w1dzlBdFvGXFqZf8mMO3WXDbbuKe90LoVnitCuWV2F2DtFNhpU0W3NnSKSuQmwEj1oX1iHBG_EO1kgLFgO0a9y3jDzNdWHyzq7iSfuQ&sai=AMfl-YRgfH2QuoUNknfLLKijB39yzWDsgwTEQk3rpkCc5FJvCvojNQwkUgItSok-uJ27U76lf-838Y28rlqFetPmfeJXGC14si_9sLOrEU2KTKffZj1Oicv8pOnfl0lfJOufiRiRCwsQka4v1iYWHh-inJaC&sig=Cg0ArKJSzM3bn0ii-AoCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 18 Nov 2023 23:36:00 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:10:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6555dc90-66a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 19 Nov 2023 00:36:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7D85 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:00 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAzNTA1NjAxODAsInBhY2tldElkIjoiMDAwMEE3MDEtMmIxZmI2ZTAtY2NhYS00Y2M5LThhZDItMTBmZjBkN2JmODRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3p1LXFpdS16aG9uZy1odWEtbnUtenUtYmFpLWppbmctemhlbmctbWVpLWxpbi15dW4tamllLXNodS1xdWFuLW5pYW4tYmktc2FpLXpoYW4ta2FpLWJpYW4tZmEtbWVpLWJhaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4034.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAzNTA1NjAxOTIsInBhY2tldElkIjoiMDAwMEE3MDEtMmIxZmI2ZTAtY2NhYS00Y2M5LThhZDItMTBmZjBkN2JmODRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3p1LXFpdS16aG9uZy1odWEtbnUtenUtYmFpLWppbmctemhlbmctbWVpLWxpbi15dW4tamllLXNodS1xdWFuLW5pYW4tYmktc2FpLXpoYW4ta2FpLWJpYW4tZmEtbWVpLWJhaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4046.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAzNTA1NjAxOTcsInBhY2tldElkIjoiMDAwMEE3MDEtMmIxZmI2ZTAtY2NhYS00Y2M5LThhZDItMTBmZjBkN2JmODRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3p1LXFpdS16aG9uZy1odWEtbnUtenUtYmFpLWppbmctemhlbmctbWVpLWxpbi15dW4tamllLXNodS1xdWFuLW5pYW4tYmktc2FpLXpoYW4ta2FpLWJpYW4tZmEtbWVpLWJhaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4051.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3233266139808311&correlator=1259892179065600&eid=31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&arp=1&abxe=1&dt=1700350560223&lmt=1700350560&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1109969163.1700350560&ga_sid=1700350560&ga_hid=60617859&ga_fc=true&dlt=1700350558930&idt=805&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_15_1_pv%26cluster_reporting%3Dchrome_DESKTOP_15_1_active_1_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_3%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_3%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1454b04d8a7df02c7cbcbffa63e76121b0d2f181902c1a31caf3bd20c0f2751b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23140
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:19:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
44214
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 17 Nov 2024 11:19:06 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A36%3A00.057&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=3602&cv=20231116-8-RELEASE&lt=deflated&uuid=34d412bc61faadddee1aee822658474ad50dd74926ef76df5dc9e17d62ec5be4&dcc=1&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69011
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A36%3A00.058&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6661&cv=20231116-8-RELEASE&lt=deflated&uuid=34d412bc61faadddee1aee822658474ad50dd74926ef76df5dc9e17d62ec5be4&dcc=2&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69104
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A36%3A00.065&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7353&cv=20231116-8-RELEASE&lt=deflated&uuid=34d412bc61faadddee1aee822658474ad50dd74926ef76df5dc9e17d62ec5be4&dcc=3&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69104
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A36%3A00.067&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1345&cv=20231116-8-RELEASE&lt=deflated&uuid=34d412bc61faadddee1aee822658474ad50dd74926ef76df5dc9e17d62ec5be4&dcc=4&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69104
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A36%3A00.078&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8389&cv=20231116-8-RELEASE&lt=deflated&uuid=34d412bc61faadddee1aee822658474ad50dd74926ef76df5dc9e17d62ec5be4&dcc=5&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
69104
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAzNTA1NjAxODAsInBhY2tldElkIjoiMDAwMEE3MDEtMmIxZmI2ZTAtY2NhYS00Y2M5LThhZDItMTBmZjBkN2JmODRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3p1LXFpdS16aG9uZy1odWEtbnUtenUtYmFpLWppbmctemhlbmctbWVpLWxpbi15dW4tamllLXNodS1xdWFuLW5pYW4tYmktc2FpLXpoYW4ta2FpLWJpYW4tZmEtbWVpLWJhaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4140
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1700350560308
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 17 Nov 2024 23:36:00 GMT
date
Sat, 18 Nov 2023 23:36:00 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
8080236
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231119
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27310
x-jsd-version
1.0.1877
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mxp6973-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"641-1YKVPSNSxEtps6XrkJSRmQ2Gkf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i54JiTARWM4k81DZaRuCXQV%2Fb3aq4NsHB7tR1hshwDTOHIzEb2W6w%2FyhJQC0FikRfy%2BP9rTEyNkcomWK3humQ%2BOba5JZaPMBoS7zIOPaeHbgn5R8b20Vue5RrHiGxK%2BjCmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8284087cf9980208-ZRH
adreq
ads.servenobid.com/ 		592 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6032
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e8f8b1b5e5af237b5921899b57994bfe2ceae01e7b0cf36074ff26cb2ea5250

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.136.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d1b974ad7f7d096b88f95cc333f1a0f381a2966e823723f18704207d1f4b7e18

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 18 Nov 2023 23:36:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 18 Nov 2023 23:35:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ca792211e738471f09c85bee47692186a8e2c4f986a24e81097ab7c9695048d0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
an-x-request-uuid
cf142c76-9f36-4a95-9019-3ca79624fbc1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=8333221392&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 18 Nov 2023 23:36:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid-request
a.teads.tv/hb/ 		412 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0859258e39b56a7e8df0501c0e37c537ac2d1ad6bdb80127a5c20b5593c1fa1a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
303
expires
Sat, 18 Nov 2023 23:36:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b024be8a1bb1f0e794fef6b98144d8f49c8437bb7902dd6c4e51fc64a2114a18

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=61b823e4-97d8-47ce-bd0c-ff9539554794%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%B6%B3%E7%90%83%EF%BC%8F%E4%B8%AD%E8%8F%AF%E5%A5%B3%E8%B6%B3%E7%99%BD%E6%B7%A8%E6%AD%A3%E5%A6%B9%E6%9E%97%E5%8B%BB%E7%B5%90%E6%9D%9F%E5%85%A8%E5%B9%B4%E6%AF%94%E8%B3%BD%E5%B1%95%E9%96%8B%E8%AE%8A%E7%99%BC%E7%BE%8E%E7%99%BD&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=7f5f99fe-7985-4c3f-bc9e-2d6d0375f8a2&l_pb_bid_id=20450f8089b8384&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7f5f99fe-7985-4c3f-bc9e-2d6d0375f8a2&rp_maxbids=1&slots=1&rand=0.2877214926311136
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
910761bde2f2f138c8503ca39c283da584c901175f655b996b9a6e7fa4afe307

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.158.88.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-88-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
accept-ch
sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
2f014b0e416ce5f3660b7ae583b0ef14cedac4100d5b19a6feeca2103b6b1bfe

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:35:59 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
62
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 23:36:00 GMT
prebid-request
onetag-sys.com/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
ff2473fcf2674534243b8a32e45ea2c1949f6063bb2bc74438971ad7dc3236a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
4068
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
95486b3d18b5199831c4b1dbb68123f7a5a3d9344063f1aecc16efdfcdd1e148

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
95486b3d18b5199831c4b1dbb68123f7a5a3d9344063f1aecc16efdfcdd1e148

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8284087b881401b7-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
pbjs
htlb.casalemedia.com/openrtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6305afc22fd2e45aa50d4e6721ed172b3ebaa71dbeccc47fd215b113ed0455d4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFLAJ4wAad4m8mcCH8DpE7SUxvSo9M8YS%2FPCBE3Pn2Q9%2F4Agu36SF1qFxyrsMYHSqJc8Nn1JrEHdLaMfy7%2B7vpOqW0L4Y9hWz1hFNT9eohGbHyiRp9am2bKYSBsOB8Djw%2B5eVVUL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8284087b5a590219-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64492a7b1c73c113df9c13630afdf4efc55c4f281a4249dca7b7bccb961485c4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gt8JhMB4m%2B3Jk%2BVgJS3uASZ0dGPTP3%2B2jAb22%2BfXeKAJkcYEcgFqUOytGjkCsBpIS2J%2F7YbNwA559a6k945PChoVaHKydcvwbs3mO8GTPWpF%2FoEkABUHDSjIoH2jOueM1Z5Bmdbd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8284087b5a5b0219-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
9
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 25 Nov 2023 23:36:00 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A36%3A00.503&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2518&cv=20231116-8-RELEASE&lt=deflated&uuid=34d412bc61faadddee1aee822658474ad50dd74926ef76df5dc9e17d62ec5be4&dcc=6&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
73062
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 21:37:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 23:36:00 GMT
spa-detector.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7QcC5tadVgGiWdOmI5x_aGnuaxCJwtWb
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
B49A8N5PA36WE6CX
age
219068
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
779
x-amz-id-2
zHDROjKuvSKneBNyW/jnh7hSlk0zVm3A/VKLHwRYRh1RoR02asKRjtY0dUnwXnGYCAIILiWu3HY=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:43:43 GMT
server
AmazonS3
x-timer
S1700350561.542291,VS0,VE0
etag
"7653a5dacee64271085316a2604ddf96"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
35986
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A36%3A00.505&id=4650&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700350560507%7D&tim=00%3A36%3A00.507&id=8541&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A36%3A00.509&id=7971&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700350560511%7D&tim=00%3A36%3A00.511&id=6599&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
next-up-widget.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44c41505855cf99a43c8f8be8de705bd5800b802b7ecfda0f2d664fa8b1920ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3NrCsrdFOl.u1W0jyLjXCYbht8t996Vs
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:00 GMT
x-amz-request-id
3DAZKCJD5171SVAK
age
219057
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4623
x-amz-id-2
cT9G89723fnMCBZJGHlQh89njtxKvVp6F5qcyvQDXHdMPDwhYtD6Q+nKCQwxOKH0/KpUzBN7NWc=
x-served-by
cache-ams21081-AMS
last-modified
Thu, 16 Nov 2023 10:43:50 GMT
server
AmazonS3
x-timer
S1700350561.565204,VS0,VE0
etag
"448f6eba05b4a5ae20f922469c822de4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6437
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1590%7D%22%2C%22eventTime%22%3A1700350560519%7D&tim=00%3A36%3A00.519&id=8647&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11790
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9XBxl9%2Bgrg90I8JKj8wgUGTLd7jOSDAJ%2B8YH1Ii4dGopyy8Km3g2vqWs%2BQVKTCfb70sRK73NqfNVhvTmIKTvst7mGcqdRsej8MKBoB366qW7IRG3qNc3mgLJgIFM4UHpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8284087b8c8d2299-CDG
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e4614773e09d59a47c7deb001616cb379dafb917716b6eafb5e580fae946f689

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:01 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
impress
ad.vidverto.io/delivery/ 		59 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&referrer=&async=1&uid=4282660388&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bc0cec8650f54b210227406c6b864a115de29bffd7f520692de14b04c95f3a7c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2525589947778777&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:01 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11616&tvi50=13156&lti=deflated&ri=bc77f4b02c119f46bd3b5b7d9d318cb4&sd=v2_a41bd9e5a26bcd569c6b86bba2785d51_26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf_1700350559_1700350559_CNawjgYQ2YJdGJ6Kqqa-MSABKAEwKziy0A1AwogQSJPS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&pi=/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&wi=-5747928930816241014&pt=text&vi=1700350559518&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.515625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A36%3A00.633&id=4349&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ff2e8705c200356c0d620c0583ad934c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a303866e07c77f2f1ddb7e51e59d650e71eba5717db248a2e891f0ccffd0971d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff2e8705c200356c0d620c0583ad934c.png
age
908649
edge-cache-tag
617793361377345672083254441541444431545,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
617793361377345672083254441541444431545,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
58
req-referer
https://www.queer.de/detail.php?article_id=47483
content-length
5736
x-request-id
af86b2eec3d7dd8ee8fc544e2662a15f
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200036-IAD, cache-iad-kiad7000123-IAD, cache-lga21963-LGA, cache-iad-kjyo7100091-IAD, cache-ams21081-AMS
last-modified
Sun, 08 Oct 2023 19:07:24 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=7037,owidth=787,oheight=590,obytes=667886
x-timer
S1700350561.671224,VS0,VE1
etag
"5096bb68df1c1af920cef45f732dd665"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 23, 1
c7a71b0b9ab0365fbabecec7080dc93b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5641039f8bc879e8e6edcc43fe41fab39d0715cfe9d65f260fad6461c920c7b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c7a71b0b9ab0365fbabecec7080dc93b.jpg
age
2633475
edge-cache-tag
480919811498816728279671218586071676573,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
480919811498816728279671218586071676573,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
20
req-referer
https://www.milenio.com/
content-length
5158
x-request-id
a421e8433192d868f19b00363dc7e7be
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200163-IAD, cache-iad-kcgs7200163-IAD, cache-chi-klot8100167-CHI, cache-iad-kcgs7200174-IAD, cache-ams21081-AMS
last-modified
Sat, 02 Sep 2023 05:40:42 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=6104,owidth=1000,oheight=757,obytes=137306
x-timer
S1700350561.671198,VS0,VE1
etag
"71f2b9b6a042efb7ac7afbf7b4e42556"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 1, 1
TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7669e1a4abbecc9096bea7c443247381c2dc3fc43c787d5b8719bdf3592dc86

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.telegraph.co.uk/content/dam/racing/2023/06/22/TELEMMGLPICT000340240141_16874507024130_trans_NvBQzQNjv4BqkCz8yL-JF4oyQeNhc4nqnKXzQm_SxZoFbajknKk4-r0.jpeg
age
914991
edge-cache-tag
439666436645367266907570445346586845480,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
439666436645367266907570445346586845480,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
350
req-referer
https://sparen-gewinnen.de/
content-length
3590
x-request-id
2c877874dd022c5ee0088bf3f3e02d38
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000084-IAD, cache-iad-kjyo7100098-IAD, cache-chi-klot8100136-CHI, cache-iad-kjyo7100056-IAD, cache-ams21081-AMS
last-modified
Tue, 07 Nov 2023 13:54:34 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=5876,owidth=1111,oheight=695,obytes=88381
x-timer
S1700350561.671187,VS0,VE1
etag
"3878f1798e4e129f009bace79e375706"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 1
bid-request
a.teads.tv/hb/ 		413 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f10ade9bb505cf4f2e91e2587b39401af3ae56034ef20c3efc5fba76a9dca7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
305
expires
Sat, 18 Nov 2023 23:36:01 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8284087ce9c601b7-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.158.88.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-88-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.136.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
24ac01a5f255db84ca568c84405093b4d45c8de278026e0fc40d197491bcef89

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 18 Nov 2023 23:36:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
139c3d240c270e48d562866a72ff61558334c4eff0e2d320b27f5eee3c22e389

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
139c3d240c270e48d562866a72ff61558334c4eff0e2d320b27f5eee3c22e389

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969f99d61e55b7898a3bd95cf51fc47dd0653556858a39449f7fb84105ae3f0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04OFdHXMONyj31GTbYNkSJXMOOPnHbGUv6coHtGGX3yZ%2BGapm8b9ndrOGuRiLQTV0DGs6QBPoNCCtE189yOmG3Fbf1PR0G%2Fd270Yq8COuXt4bNKCJlzmaNxmsGYqtHLmZqvYdlU7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8284087cec540219-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969f99d61e55b7898a3bd95cf51fc47dd0653556858a39449f7fb84105ae3f0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rlt8e%2BB3EtmNPzYlw8st8A4RFTzaygcRD2gzUHwf9gaN0FAmYhaeoFYQqGkxmZPHfSESalWDgrgJJa8n8cLWL%2F%2FS09VeASXyDibKHoSPKZPO5y4r0HDu2%2FXCObHKdaxhAyUmeZvN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8284087cec560219-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969f99d61e55b7898a3bd95cf51fc47dd0653556858a39449f7fb84105ae3f0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CDjdgHxBZridvYRBAT%2BP6JHdCdQGDyWXv53W75YFoOfBBA0pZBEJzxa7s2%2FKwvG3%2BRn6SSCRaE2XA5EOwHPfiBkjWiWD5eyoV7l45zWynR3yrxiRlFiIcsfjM%2BKf2561Iiw7ntc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8284087cec570219-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
12
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
10
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=59729349796&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 18 Nov 2023 23:36:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
32e5cda46b0f64e35f7890871e95d4a3d8c2482c958f9e61b01ad8678e1d8d5c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
an-x-request-uuid
d342c61b-d595-48f4-9420-69f6fb9fc6fd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
966e44ecf48d974c5dcea1ae467e4bc8cc9a010d2401566364c6a2eaf8361531

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=61b823e4-97d8-47ce-bd0c-ff9539554794%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%B6%B3%E7%90%83%EF%BC%8F%E4%B8%AD%E8%8F%AF%E5%A5%B3%E8%B6%B3%E7%99%BD%E6%B7%A8%E6%AD%A3%E5%A6%B9%E6%9E%97%E5%8B%BB%E7%B5%90%E6%9D%9F%E5%85%A8%E5%B9%B4%E6%AF%94%E8%B3%BD%E5%B1%95%E9%96%8B%E8%AE%8A%E7%99%BC%E7%BE%8E%E7%99%BD&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=fcf86683-f896-4869-b5c7-73d9ddd3c5b9&l_pb_bid_id=82fb0cdba3b4b2d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fcf86683-f896-4869-b5c7-73d9ddd3c5b9&rp_maxbids=1&slots=1&rand=0.46838964301174335
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4321a6a0ab6b80f46fdf9cd062e6cd63e8215ede6d7b06a3ec0ec3a2701e0f27

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		592 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9021
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
538f6a1b5cb6e786e264ae7c4f8f775b3da2386886558e8a65e0711c5bf88c82

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
183ff5319166645bd2e6d4dce61bcd6fbcf3adc41ab2489ed6c856519b432d7c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
79
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 23:36:00 GMT
/
onetag-sys.com/usync/ Frame 40A2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
d7c3e7534ac1adc01001ecd2d17f6b61e325be9826a7786e7eb54610a3ed2aa5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1440
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Sat, 18 Nov 2023 23:36:01 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 19 Nov 2023 00:36:00 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 19 Nov 2023 00:36:00 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=014c5c39987adb8c121409403556206f
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 11:21:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6554a9c7-161f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 19 Nov 2023 00:36:00 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 19 Nov 2023 00:36:00 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 19 Nov 2023 00:36:00 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=a968947a-67a5-4369-bef6-eabf514204de&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=a968947a-67a5-4369-bef6-eabf514204de&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=a968947a-67a5-4369-bef6-eabf514204de&p_id=23
date
Sat, 18 Nov 2023 23:36:00 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=6be710a2-42ae-4c4e-adf4-c4aad8cc457c&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=6be710a2-42ae-4c4e-adf4-c4aad8cc457c&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=97aef2af-edf6-5243-bbf9-225edea0683f&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=8dfccedd-668a-44ee-b95e-d349fc17fa76&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=8dfccedd-668a-44ee-b95e-d349fc17fa76&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=8dfccedd-668a-44ee-b95e-d349fc17fa76&p_id=15
date
Sat, 18 Nov 2023 23:36:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:00 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Sat, 25 Nov 2023 23:36:00 GMT
truncated
/ Frame 7D85 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddf719261a7ab0d9887096946933aa89a6c212288cf236107392eb69020bf40c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7D85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-xdghIoVEbaX3x1amCGk2Ik6QXjRrE9LTm53fBhFxhpDyReGC-cGM1Vng1F-YmX2NvdTzEpQaZMIJg31F1_mg2Uw4zMyHxciDhsOoZ2cCWEk25aNzu9SQtTvfPLQ2C4d6H5HPQ5O9-58KgUNABmvlxgt8QC35qILks-18PFNGBceEnWcrA2zkhtqCZlPtb8wfZuuec4vK1M8O85GkvgjVy7Kgf8ROcmeZ26NPd7IR6nI_zlwN7GpLhucngXLj3jULccOeP-sM5olXPawh73ddGigs1Folv3GiwfB32VPNgQAq5TFS4Sq51BB0k7talrRyWFAs&sai=AMfl-YQrp5x-hAY6Lh7y5wJgUJvl68joaYxL3IPkiMjLiVbnFfoYatv3z01vardmLRxHw47q-41C7WkvlepoMQkmLyBj8gyk_4Z3tBqb3ntURskRDnVMRCI7qSrf4bb2V_0HY19aTHezgJvyQHaWFWsIrqgH&sig=Cg0ArKJSzKDcH0Nv2-5mEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 18 Nov 2023 23:36:01 GMT
st
imprammp.taboola.com/ Frame 2804 		577 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&cmcv=&pix=undefined&cb=1700350560823&uv=3358&tms=1700350560823&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f8ce33d-fb3b-4940-b865-4f3bc61a704a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
836c676386a52e36ff0d32c01402c9b3741727564de5ba01dcb1b7159de92181

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sat, 18 Nov 2023 23:36:00 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21081-AMS
x-timer
S1700350561.887566,VS0,VE3
sync
am-match.taboola.com/ Frame 52A3 		577 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
836c676386a52e36ff0d32c01402c9b3741727564de5ba01dcb1b7159de92181

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 18 Nov 2023 23:36:01 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700350560829&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1573&pt=166555520&tz=60&viewable=true&ddast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1429
x-cache
MISS
x-served-by
cache-ams21081-AMS
pragma
no-cache
server
nginx
x-timer
S1700350561.891058,VS0,VE28
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&cmcv=&pix=31589837&cb=1700350560823&uv=3358&tms=1700350560823&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700350556146.4!ts:1700350560823&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-length
0
server
nginx
container.html
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D361 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:00 GMT
expires
Sun, 17 Nov 2024 23:36:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
sync.mathtag.com/sync/ Frame 40A2 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:01 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sat, 18 Nov 2023 23:36:00 GMT
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LP4OTLTN-16-H3RQ&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LP4OTLTN-16-H3RQ&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LP4OTLTN-16-H3RQ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4361217955105951063
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4361217955105951063
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:00 GMT
an-x-request-uuid
c86f526e-b30b-4e10-bb8a-6453dff1a580
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4361217955105951063
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700350561660047-545
tap.php
pixel.rubiconproject.com/ Frame 40A2 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 40A2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-TKirgLAiDv8nGOMjagfe4qFNFQt6FTng
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-TKirgLAiDv8nGOMjagfe4qFNFQt6FTng
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-TKirgLAiDv8nGOMjagfe4qFNFQt6FTng
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=2137512993614211217
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=2137512993614211217
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=2137512993614211217
date
Sat, 18 Nov 2023 23:36:00 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 40A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 40A2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MSM805XH6JWP9J0Q3FJ0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzU0NjNDRjItODUxMS00QTgxLUI1RTktMjcyNjRDMjY0M0RG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
date
Sat, 18 Nov 2023 23:36:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfDVgNSdUx20TTR8w44x3Q&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfDVgNSdUx20TTR8w44x3Q&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECfDVgNSdUx20TTR8w44x3Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
date
Sat, 18 Nov 2023 23:36:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 40A2 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 40A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=8dfccedd-668a-44ee-b95e-d349fc17fa76&google_hm=OGRmY2NlZGQtNjY4YS00NGVlLWI5NWUtZDM0OWZjMTdmYTc2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEP13W5WudPPBdydCVH1C1eQ&google_cver=1&ssp=onetag&bsw_param=8dfccedd-668a-44ee-b95e-d349fc17fa76
  • https://onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 18 Nov 2023 23:36:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame 40A2
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0&p_id=5
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0&p_id=5
date
Sat, 18 Nov 2023 23:36:01 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
css2
fonts.googleapis.com/ Frame D361 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 23:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 23:36:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 23:36:00 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame CC32 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Sun, 19 Nov 2023 03:36:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CC32 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
44208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:19:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CC32 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame CC32 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwg3GEUPMfyCecufhJkHu3yunO0atpx1QLiSxUUlepiQdErErHDj7F4QPZmwcpBwQ6r_Vnccu3Q-B49FYAZDC4bo7StA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CC32 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
173943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CC32 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:01 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame D361 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
70588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 03:59:33 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2804 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&cmcv=&pix=undefined&cb=1700350560823&uv=3358&tms=1700350560823&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f8ce33d-fb3b-4940-b865-4f3bc61a704a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2804 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&cmcv=&pix=undefined&cb=1700350560823&uv=3358&tms=1700350560823&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f8ce33d-fb3b-4940-b865-4f3bc61a704a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.117.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-117-106.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Sat, 18 Nov 2023 23:36:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
JS0PYWQJZ121ZGPV
age
319015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
26GCYDeiJwekWGZZVBaLyBMCpcd4zYZ/NFZiMpqlBsDMzTtNyGdXr73eGV6Ynu9L6dL3RL4HPOE=
x-served-by
cache-ams21081-AMS
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700350561.023086,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
69547
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 		604 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031467
date
Sat, 18 Nov 2023 23:36:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HJJXS29PT2TMHPAM
age
319010
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031468
x-amz-meta-mode
33188
content-length
123398
x-amz-id-2
v/0sgWfaP2XpcwULa1dUHkFGJNr59/kVRCUk6HBy1niPvbF05NpKUkWaxAA01qGLdhCIFX77S+8=
x-served-by
cache-ams21030-AMS
last-modified
Wed, 15 Nov 2023 06:57:49 GMT
server
AmazonS3-br
x-timer
S1700350561.020965,VS0,VE0
etag
"e8023cd27890386539e680dcc790152c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
15051
usync.html
eus.rubiconproject.com/ Frame D31B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&cmcv=&pix=undefined&cb=1700350560823&uv=3358&tms=1700350560823&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f8ce33d-fb3b-4940-b865-4f3bc61a704a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:36:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:09:34 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
wp1dI7PpBQL8hCvuEThOJVdtUhh2cdHJ5lYV9MZOGf1cCS4NZQEdyw==
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=11616&tvi50=13156&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
82
date
Sat, 18 Nov 2023 23:36:01 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
66042
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21081-AMS
pragma
no-cache
server
nginx
x-timer
S1700350561.195951,VS0,VE82
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-C1
age
1173516
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-ams21081-AMS
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1700350561.241118,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
A6eSXa8mzm8pvy_g4qU43SWxHhg7-JxFo9dy2qx0Z0FOI9MVcvzpjQ==
x-cache-hits
19273
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/ 		427 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700123877
date
Sat, 18 Nov 2023 23:36:01 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
CCQVTTK6M6HCW00P
age
226643
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700123890
x-amz-meta-mode
33188
content-length
81612
x-amz-id-2
WBLnzLTHaRCuOPA1ab/heO35TDVi6ADz6tZGtU2qZCNxVm0cTlnVzhBm8FRaE3ZjK2TeUaicnnw=
x-served-by
cache-ams21030-AMS
last-modified
Thu, 16 Nov 2023 08:38:11 GMT
server
AmazonS3-br
x-timer
S1700350561.243196,VS0,VE0
etag
"3d881848170c7ab7d2916771d7b9012f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
19552
sync
am-match.taboola.com/ Frame 5E8F 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
61967cbc83a52ae64e3008e40b027a821c4b59e945dd51a5fc2babb433d117cb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 18 Nov 2023 23:36:01 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&cmcv=&pix=31579697&cb=1700350561205&uv=3358&tms=1700350561205&su=3&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-length
0
server
nginx
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96dS1xaXUtemhvbmctaHVhLW51LXp1LWJhaS1qaW5nLXpoZW5nLW1laS1saW4teXVuLWppZS1zaHUtcXVhbi1uaWFuLWJpLXNhaS16aGFuLWthaS1iaWFuLWZhLW1laS1iYWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTJiMWZiNmUwLWNjYWEtNGNjOS04YWQyLTEwZmYwZDdiZjg0YyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMDQ0ZmU2ZjEtZTg4NS00NDg0LTg3MTctZDYyYTQyNDE2Mjg2IiwidGltZU9mQXVjdGlvbiI6MTcwMDM1MDU2MDMzNCwiYmlkcyI6W3siY3BtIjowLjAxLCJhZElkIjoiODliMmY5NWUyOWM5MDZiIiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzQ4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDM1MDU2MDcyMH0seyJjcG0iOjAuMDQ5MjU4MjY4Mzk5OTk5OTksImFkSWQiOiI5MGUxZjIxNzA1ZmQyOWYiLCJvcmlnaW5hbENwbSI6MC4wNDkyNTgyNjgzOTk5OTk5OSwiYmlkZGVyIjoib25ldGFnIiwicmV2ZW51ZSI6MC4wMDAwNDkyNTgyNjgzOTk5OTk5OTQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM1OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDAzNTA1NjA3MjZ9LHsiY3BtIjowLjAyNzAzMywiYWRJZCI6IjkxODUzZTkxYWM2YmUyNyIsIm9yaWdpbmFsQ3BtIjowLjAyNzAzMywiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDAyNzAzMywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDUwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDM1MDU2MDgwMn0seyJjcG0iOjAuMSwiYWRJZCI6IjkzMDY4OWEyMGIzMWFmMSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1MTcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwMzUwNTYwODc0fSx7ImNwbSI6MC4wNSwiYWRJZCI6Ijk3MzVhMDRhNmU0MDEyNCIsIm9yaWdpbmFsQ3BtIjowLjA1LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODc5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDM1MDU2MTIzOH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJ0ZWFkcyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTMwNjg5YTIwYjMxYWYxIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDF9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=5104.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sat, 18 Nov 2023 23:36:01 GMT
via
1.1 6c43684b05a77c1925eb58e93105a976.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
AMS1-P3
age
285945
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-ams21081-AMS
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700350561.336259,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
u141OJMv0C-dzFhOswqFgUSqc5QVRlTlDO0EV3-WJbPPWEmKLJcO-Q==
x-cache-hits
62269
generic
match.adsrvr.org/track/cmf/ Frame 52A3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 52A3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32218

Redirect headers

date
Sat, 18 Nov 2023 23:36:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
content-length
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96dS1xaXUtemhvbmctaHVhLW51LXp1LWJhaS1qaW5nLXpoZW5nLW1laS1saW4teXVuLWppZS1zaHUtcXVhbi1uaWFuLWJpLXNhaS16aGFuLWthaS1iaWFuLWZhLW1laS1iYWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTJiMWZiNmUwLWNjYWEtNGNjOS04YWQyLTEwZmYwZDdiZjg0YyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI0ZDcxOGQ4ZS0yNGJlLTRlMGYtYjQ5Mi05Y2EyNGMxOGMyZjMiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwMzUwNTYwMzk1LCJiaWRzIjpbeyJjcG0iOjAuMDEwMzczLCJhZElkIjoiOTQ0MGY1MTU2ZDE2NjY2Iiwib3JpZ2luYWxDcG0iOjAuMDEwMzczLCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDEwMzczLCJmb3JtYXRUeXBlIjoibmF0aXZlIiwicmVzcG9uc2VUaW1lIjozMTMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwMzUwNTYxMDI3fSx7ImNwbSI6MC4xLCJhZElkIjoiOTYyYmUzZDdlMjU5MTI3Iiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM3NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDAzNTA1NjEwODB9LHsiY3BtIjowLjA3LCJhZElkIjoiOTg1MmQwOTFhOTllZTU3Iiwib3JpZ2luYWxDcG0iOjAuMDcsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA3MDAwMDAwMDAwMDAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1NDYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwMzUwNTYxMjYxfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6InRlYWRzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI5NjJiZTNkN2UyNTkxMjciLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=5117.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3233266139808311&correlator=4042894328981101&eid=31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&arp=1&abxe=1&dt=1700350561272&lmt=1700350561&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=1109969163.1700350560&ga_sid=1700350560&ga_hid=60617859&ga_fc=true&dlt=1700350558930&idt=805&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_15_1%26cluster_reporting%3Dchrome_DESKTOP_15_1_active_1%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D930689a20b31af1%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_3%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_3%26faid%3Dfalse%26adro%3Dv8_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2631655e487a0c53f57cb6513490e54d44bd12a0a38862001d315de7a2a4332e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11667
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 9B9C 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:36:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3233266139808311&correlator=918839440047586&eid=31079240%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&arp=1&abxe=1&dt=1700350561283&lmt=1700350561&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1109969163.1700350560&ga_sid=1700350560&ga_hid=60617859&ga_fc=true&dlt=1700350558930&idt=805&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_15_1%26cluster_reporting%3Dchrome_DESKTOP_15_1_active_1%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D962be3d7e259127%26hb_ap_bidder%3Dteads%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A9440f5156d16666%26hb_native_image_appn%3Dhb_native_image%253A9440f5156d16666%26hb_native_body_appne%3Dhb_native_body%253A9440f5156d16666%26hb_native_title_appn%3Dhb_native_title%253A9440f5156d16666%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_3%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_3%26faid%3Dfalse%26adro%3Dv8_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
bc02b300f62e91c95f25697557040a84d6af011a9bfddab8c9be009cdf5c7c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11659
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative__300x600_previous_gen_widget.css
widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame CC32 		482 B
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 19 Nov 2023 03:36:01 GMT
date
Sat, 18 Nov 2023 23:36:01 GMT
last-modified
Tue, 22 Aug 2023 10:30:49 GMT
server
AkamaiNetStorage
etag
"9d8b870db69e4f578fee693ff233fc33:1692700772.366871"
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
482
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame CC32 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 18 Dec 2023 23:36:01 GMT
date
Sat, 18 Nov 2023 23:36:01 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
writeStatistics
stas.outbrain.com/Stas/api/ Frame CC32 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stas.outbrain.com/Stas/api/writeStatistics?p=X_G7j9K1EDzTQ04KFOYOYnWqi0jrcKk9UGQsGD6B_wLhijUw7QR96ErjL5aHcyFloq-hU7T64yJGN3GP6m3B1cz7e8Hr1_R5mHRogeo6FjCrxEzymdTwdvsSpWzlx11w25ggcvfM6OZ4K_IoPo8SO27W5eq01ogw1Z51M0pCql8T4XHl_jtwpPLTIhwcmmeHHfzvSl7AZy08ahQAdqGGfc7WOUiXIWu2Oy0fV1HuC9WtuVCxVkM6tzK8UimbLXreDN6aYI5XMlzxabs80ktkeeSuaOQrH3j3VX8lkXtamxY6lgAgKNVpxHrj9JdT_Aq5RTY8cb8JVOztf4RRlnGfJYfXDUfdtSjKYK17CrDf9ykJ6eyi-x5E-ONc5nSxreDgBg5srtfAWNxh28LMe7Rm4pnbvHjXZewv4fjt2VBmFUyD09rQ057vlDEGDWkvJ5cwLQFSCN6Ez6ikPjFiB3OL7aqJqyiQsBy-Z6gIObWODt8SwJyRFpaVSMBF_0l7WdrwoAEbJ8lCeK8vZV1x97w9R5kaKEo9BqfBGP-gqVPgUr3LMTvjVOxhJZbe8ItN1h9xtuiMDBNk983orGmPLCT5zkBh74nQMsJadRm13kFyE-nP-5NROQipy3zKwxO9owkcSZ2ZNyzEToaWuexnZFaU6iLR4tbBgefInlPFf_-2Hb_wdx41O9o1FZeRzvLPMp_AgWQ0EIKT-VipTziEuJDTgHgkaWUHOZVBhga20F2wDxcb4OvK2AVUQtcRaBG39rCwql-o5I_qURJiNRakQ7kazQ&c=92027576&v=3&deb=9748573
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:02 GMT
Cache-Control
no-cache
content-encoding
br
Connection
close
X-TraceId
991ca0321da184658db16eb2671a3dd9
Content-Length
49
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/impression/BY3UVKBQPHS4XVAWDEL65UASIAHYMCYXIZYVFYOOKDKINECIKOWBMH3PLM64F5EAUGPHXDUF223K7IFMMTYLIU3HWMRDMRF52RYCF477BY2EMOOK4XFBM6RW42I7GJM76ZEBXWDEFVPFQBAIX56NNXVTSZ6HOV... Frame CC32 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/BY3UVKBQPHS4XVAWDEL65UASIAHYMCYXIZYVFYOOKDKINECIKOWBMH3PLM64F5EAUGPHXDUF223K7IFMMTYLIU3HWMRDMRF52RYCF477BY2EMOOK4XFBM6RW42I7GJM76ZEBXWDEFVPFQBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NM3HAY7CRGAULZZ76P2BRAC5DB7GHGFMF3VECE4DHW6SHTLRBC2TFUQEJBLPXUYUIUNU3NV47PRBIH5G5U4SQYE4JS7UD4FBEBSP6VCRV4MG3OS77U2NRUAQHHKQP7BIAMIGMAV7HHBN45EHOAJMPEHGSSFQWWIMAIPTOQHPBZ4HFQPMEGYUYF5BVKI7Q42HB3LWALFODYTHZZ/?
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:01 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 48F8 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
7148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 19 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8849 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f51dbecaad3ef88b62304fab4f3ce8a97503b92ec7b0b2cca951180660093ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10188
x-xss-protection
0
server
cafe
etag
13227360289775639850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:01 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5E8F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 5E8F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32218

Redirect headers

date
Sat, 18 Nov 2023 23:36:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-TiJej7VE2oRSUG0wRx5XZSgybgZAJwICJewVAw--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 5E8F 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 0E93 		714 B
624 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
14062
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
82840880ffdb2299-CDG
content-encoding
br
content-type
text/html
date
Sat, 18 Nov 2023 23:36:01 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsAqSyE4Z9bdL%2F0gYQ%2BiF0bBISpmsV%2BP%2FSZn%2FGdIJ4tu%2B9myv1NkFYb4ViWR%2BWvM%2Fr7IwKlV89X0kpTyHvbEAsYLEDHLaHjy7Oq3m2O6BrKRg%2Bj0fNV8tE9pBs3YhQXBSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 39E1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:36:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 18 Nov 2023 23:36:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/5e7a7e5e-e66c-3875-b259-daff7646a659?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-F5yJpkhE2oXh2HK91UFE8O_x6R.XO2K66aU1yac-~A&redirect=
0
0
usync.js
eus.rubiconproject.com/ Frame D31B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34558
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:59 GMT
L2EvenUtcWl1LXpob25nLWh1YS1udS16dS1iYWktamluZy16aGVuZy1tZWktbGluLXl1bi1qaWUtc2h1LXF1YW4tbmlhbi1iaS1zYWktemhhbi1rYWktYmlhbi1mYS1tZWktYmFpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvenUtcWl1LXpob25nLWh1YS1udS16dS1iYWktamluZy16aGVuZy1tZWktbGluLXl1bi1qaWUtc2h1LXF1YW4tbmlhbi1iaS1zYWktemhhbi1rYWktYmlhbi1mYS1tZWktYmFpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 17 Nov 2024 23:36:01 GMT
date
Sat, 18 Nov 2023 23:34:58 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 18 Nov 2023 23:36:01 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
v1
prg.smartadserver.com/prebid/ 		0
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid-request
onetag-sys.com/ 		15 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
usync.js
eus.rubiconproject.com/ Frame 9B9C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34558
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0E93 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5e153bc0101b4f932deb4c2ff3be35c3978b28c754a657088ef796cb888c1ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31361
x-xss-protection
0
server
cafe
etag
944 / 19679 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:01 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 18 Nov 2023 23:36:01 GMT
via
1.1 varnish
x-amz-request-id
ZFRPC3PFTHSKWAJC
age
14642
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
I3ik5JowKcfEGbtrriHouz1flL96hfvN+S8YuupPMlmly2fde9Exqqba1OwCj7qV+igbuNUsCvE=
x-served-by
cache-ams21081-AMS
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700350562.546588,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
444
khaos.json
token.rubiconproject.com/ Frame D31B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 0E93 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:19:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
44215
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 17 Nov 2024 11:19:06 GMT
khaos.json
token.rubiconproject.com/ Frame 9B9C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
container.html
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7925 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:00 GMT
expires
Sun, 17 Nov 2024 23:36:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0E93 		492 B
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3921667393077596&correlator=1465800015623351&eid=31079660%2C31079668%2C31079672%2C31079233%2C31078017&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700350561805&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ug22x0pxgr0x&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qO3e8SfI-isQcIdqSh6KcwM0BAr5lEOT6W28h1IofaKmCXWFkMYuVq81OqBWdsK8a6fkp-EU6eUzCFueWP3LB4ygSngMGgrqF0kunnWeNQAwjsM64q6XFJsphBnFEbs5Mpo4AjF_ogl4kln13mr5tzTyKIq57iyBCDQ2HVbrqkrwlQDYW2cVScfOckmzf4n_VkBnzaSZzSzmoDkFmhd&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=633667509.1700350562&ga_sid=1700350562&ga_hid=1593407844&ga_fc=false&dlt=1700350561495&idt=283&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1ba5f5b764014975b339496ebf2d21b8ffcc43c9d0273005ffa46af2c39d8271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0E93 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
6260d70e5269eba9bafc5f6778f88d06ecb11c17b5e354aa4b0b7700a09b122b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12348
x-xss-protection
0
container.html
5f1dad02383a875d2ce1ca56d7dc5967.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A76 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f1dad02383a875d2ce1ca56d7dc5967.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:01 GMT
expires
Sun, 17 Nov 2024 23:36:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D8B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:00 GMT
expires
Sun, 17 Nov 2024 23:36:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-35.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
0.02
pn.ybp.yahoo.com/ab/secure/true/imp/FJ58K2LjJ80SbkWSzpVQe9BG9QKa4ZWY-Cv48X4JDfCtceCEIlw2yhScjfQi174c8S1MsJnEI2CrtRTtuy8g3pJ3GzECh9UQFXzVawI-ccWP6kXKdVUvmkmUKjhFVzUqAYyd8KmpZnFe94PCj3Dw6b-tsSvPLgPbA... Frame 2DC0 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/FJ58K2LjJ80SbkWSzpVQe9BG9QKa4ZWY-Cv48X4JDfCtceCEIlw2yhScjfQi174c8S1MsJnEI2CrtRTtuy8g3pJ3GzECh9UQFXzVawI-ccWP6kXKdVUvmkmUKjhFVzUqAYyd8KmpZnFe94PCj3Dw6b-tsSvPLgPbAYemIR28aQ7Ms4JDuVP3xdN9avVK141ptPj02-C3NsT7oLJiBByoWF7bw89zWTqulI2EGzIfCdUneWuO6dT-vKq1KpG-oU1V0c6TDZ7D6VwSdUTVHlU0uzar6Y-2D8aLG_3kyxgDxTSXxLJwCTrAw_NKwOyZKv3BIkQWqOUoK6lrh_xO89y0ma_a7zP-vT6p-6DAOip-eiJkoAVY1ekNPDOAKwwYm6p0I_DslvKOCC93yH-VpiaYI4dBIM8slaoKmf9erbgqKWFOayZjXCPGDlR4CysCCbLTPr_gOW-KSrjm9o4JpIvtcY-eKJSZv0_6rQSouOrfR2aoFkIMW2GYqgJyL6dmUkpZ4OAxib8HpGJngz5ac9Y_VyRZspE9J8gikAmVvgbyhfgoXmKFVmRLGdfJ76Xh-ZIU_eIlpHhsOBO5iDOlZYtoZfYCGQE5E3JQCdZAsxzk3z1K-mZtApbtF9pY4ElFj0bwnzJS02RSGHdKNT3Qq3X8ORPd9vOBTX7dCv2KHJ_vikBLJfDw9MS8nAfMdQR1NCJ6QInD1fh9zewegw-13TQH4PsBoYJv0ZZ44tb2iPym-qG3syT6pUt1qIomF4yVTwpGQD-wpfgeDwgBmtGVYFWQk8lM0p4Fzy0hRgNYSa4YAppQtt3UiBrOntuoWcXuB5CrgKXYoPoOnEM49zJrhWntCYLBUGX6FTrOzYLW-xHoCGwTvHbEsyF_6isurX_JUZDHJ8HEddc_jUNVRmOesDPayL6r_n62ryyG1Ffs9dMVstVlMsOjbqWcW1lro7Zx_NOD6MEQ1C8Av2L2gtJciRZZWPXoTH-FZ_7X1qsvF-7U-WAf1YubJZOKJveIF-VaKU1mh0BCUaCFYOXwBC-icaieVFHAAqx0P-xHhm-ENj4Ys5tkoTAVaG9Fh8B-OjViQeU2yyYA2-mfsT0m3D3GduDKAdrexwMEiwdLLO6s90KRArkBiC-PF2G1uDJ2C--blQ0JTFbtlzgwjSu_Xa60xeqyD6uF967IaGTk9YQpfQcPuFlAELGBjzvFYQdG_Vkh3sEuco0NEz3_DjmTPnpkivUzUi2tLtc188ypvYv4tvpPEe-uR_tBa49uq9rUfS43dTruabb1NuCMKSre06dhXSFzdUUXQIyhkcCWR3zS6R1VUgu5XecHJMEf_CVGpTnvI6FeG8soIZ_YGcCmjYFm3r0eStlfQZvEDaf3oBPzTF_SMLnBkiECCjfjCBxRx0Kzs5uCx-BprAi8L8LYnQDDnU78Qj73K66vwNF0/wp/0.02
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
805112d0bab5a79f90644494f65296ab71f6be2207af4444fbabbab98c9c88e6
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
3299
x-xss-protection
1; mode=block
73bbcd49-ac5e-4f6b-ab86-9cf9bbedc3f9
a1123.casalemedia.com/impression/v2/693656/73/clckko030plbt0dqtn00/ Frame 2DC0 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1123.casalemedia.com/impression/v2/693656/73/clckko030plbt0dqtn00/73bbcd49-ac5e-4f6b-ab86-9cf9bbedc3f9?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1700351160&profileIDs=&creativeID=29379df&pubID=189372&format=banner&channel=site
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.54 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:02 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-35.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96dS1xaXUtemhvbmctaHVhLW51LXp1LWJhaS1qaW5nLXpoZW5nLW1laS1saW4teXVuLWppZS1zaHUtcXVhbi1uaWFuLWJpLXNhaS16aGFuLWthaS1iaWFuLWZhLW1laS1iYWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTJiMWZiNmUwLWNjYWEtNGNjOS04YWQyLTEwZmYwZDdiZjg0YyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMSwicmVzcG9uc2VUaW1lIjozNDgsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6Iml4Iiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwMSwid2lubmVyQWRVbml0SWQiOiI4OWIyZjk1ZTI5YzkwNmIiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4MjUwIiwicHJlYmlkQXVjdGlvbklkIjoiMDQ0ZmU2ZjEtZTg4NS00NDg0LTg3MTctZDYyYTQyNDE2Mjg2IiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=5685.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pixel;r=347937882;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html;uh=e51ed67dfb8d9...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=347937882;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1648394813-1700350561033;pbc=61b823e4-97d8-47ce-bd0c-ff9539554794;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700350561839;tzo=-60;ogl=;ses=6b8f010b-3e35-47f9-8c96-d87566e5c0e1;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6d3771ff896dc6d8be9942e8f3f4165e117a695229bf38f6f89fa3d503266895
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91862
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 23:36:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E6BE 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNWF394cVdafEiMFZb_DantsRTJpit55VZOt1mKIORqpIkVEBN52O426hDM5Ix6qmS_lxyqlBj9hjW_YmpIzEU0cdwctrA
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7925 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7925 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-b_a2VPBcOfokNjdPltPvbYunkQUVB8oRkXlO6o5fdtxg0V8JRpCjoGAIBHMq7RjU7kF7kybXtvBmJ9ruYPqN3_695LmTeADrxlrwOBeZtezRxnM
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7925 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8012077641137758663&x=1&ct=76
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7925 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
44208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:19:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7925 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame 7925 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReysyyIAAYdNzlUfB-QW5VPV36_s_wWhfVXeZFKDOirJrKBEoswmrcQeuWs5ZIa7VWxGFjPVA2ZJhlGL67EgUP6Vxchw
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7925 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A49 		478 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNW6sWpdvB11TJc1LoLLXoPbtHu8Jva1DbpnKtmM1l3JaNzXY9S5IrAZuOlyEOTdCxA_aHDHdnhrSYue5JA1FISyIpVz8A
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3D8B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D8B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTx_HVOK-b5F9lWHll6f23NQQiZPHsyRIe8DLwF-ZYkURyPbwbvvzWo9WA9D_Mrxj3Cz33gdTDY27R4k_5irl6D1U2R7b4csKvjOeCT2ROZjElQ0A
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D8B 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15733100555584646757&x=1&ct=76
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3D8B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
44208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:19:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3D8B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame 3D8B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUSYsyDrf9XT7TSBF4NnFWsRA5ErQ06wjZ12n4ETYkFtF9Htkre3yurGIx4cYeso7cq19w3qV9eaWVN2MtblnkB0ho6w
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3D8B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8849 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e5b51270f6a49d0c09de2624d78c98b55122555508d54f77a9eec37b735a7b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52855
x-xss-protection
0
server
cafe
etag
42978892583626964
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:02 GMT
pixel
cm.g.doubleclick.net/ Frame 48F8
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEFiwSgqEVaPQuJEYd6Fuh1g&google_cver=1&google_push=AXcoOmSos4IXfR8_O6q5FViZaJGNwyn2FkfWrJH5NtT-1FexnJYvZHmNEY5baRGhjQrzP1S7d-aN6AngXo4bazRK0TjoHy8GHNGu
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=M09BbUN5UENCQW1ZOW1UeFlrcFpaUQ%3D%3D&google_push=AXcoOmSos4IXfR8_O6q5FViZaJGNwyn2FkfWrJH5NtT-1FexnJYvZHmNEY5baRGhjQrzP1S7d-aN6AngXo4ba...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=M09BbUN5UENCQW1ZOW1UeFlrcFpaUQ%3D%3D&google_push=AXcoOmSos4IXfR8_O6q5FViZaJGNwyn2FkfWrJH5NtT-1FexnJYvZHmNEY5baRGhjQrzP1S7d-aN6AngXo4bazRK0TjoHy8GHNGu
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=M09BbUN5UENCQW1ZOW1UeFlrcFpaUQ%3D%3D&google_push=AXcoOmSos4IXfR8_O6q5FViZaJGNwyn2FkfWrJH5NtT-1FexnJYvZHmNEY5baRGhjQrzP1S7d-aN6AngXo4bazRK0TjoHy8GHNGu
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
pixel
cm.g.doubleclick.net/ Frame 48F8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELCpk5Jvw_FgYfGaYykI2P0&google_cver=1&google_push=AXcoOmThZ_m7v-twUL07tK1qUu5fFOMzMTPuoViNEl4ClDHnT6rH7VjOQtgSkepKj18s2tyGDoMj-JVqAf8rdo7M3iV1jTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmThZ_m7v-twUL07tK1qUu5fFOMzMTPuoViNEl4ClDHnT6rH7VjOQtgSkepKj18s2tyGDoMj-JVqAf8rdo7M3iV1jTZ0K6kkfw&google_hm=eS1xUy5LVlZ4RTJwR0FV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmThZ_m7v-twUL07tK1qUu5fFOMzMTPuoViNEl4ClDHnT6rH7VjOQtgSkepKj18s2tyGDoMj-JVqAf8rdo7M3iV1jTZ0K6kkfw&google_hm=eS1xUy5LVlZ4RTJwR0FVRllZR1FzWmtaZHV5V05xV2FMQn5B
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 23:36:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmThZ_m7v-twUL07tK1qUu5fFOMzMTPuoViNEl4ClDHnT6rH7VjOQtgSkepKj18s2tyGDoMj-JVqAf8rdo7M3iV1jTZ0K6kkfw&google_hm=eS1xUy5LVlZ4RTJwR0FVRllZR1FzWmtaZHV5V05xV2FMQn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 48F8
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDZqQ6DCVBHhuGSoyyODT1s&google_cver=1&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBgA
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEDZqQ6DCVBHhuGSoyyODT1s&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBg...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBgA&google_hm=jy4oVnQ5y2skkjc-skhzLA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBgA&google_hm=jy4oVnQ5y2skkjc-skhzLA==
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQ1DrxSwjMQxQzUOurUCVXLNHw2_b_-8_eSDAP3QGZiz8BV6NXAq1iMnwbJewxz6JXOrUxex6mnQeU1kNbEG8NwvDuftiaBgA&google_hm=jy4oVnQ5y2skkjc-skhzLA==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame 48F8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTxuLa4V29nr0NKkPQDk...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA&google_hm=AyKuCLPw0UYgh7RD-FijYlk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA&google_hm=AyKuCLPw0UYgh7RD-FijYlk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTxuLa4V29nr0NKkPQDkC_RPOM8B8pvPMfnV8B1zBISlkcj2p0JDSc41dA6_lGchs2ACtiHrDguBpNEvrWP8Bl01-3WaO18nA&google_hm=AyKuCLPw0UYgh7RD-FijYlk
date
Sat, 18 Nov 2023 23:36:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX22ae08b3f0d1462087b443f858a36259003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 48F8
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHDFgLSzgGkMX0kzydlWLNY&google_cver=1&google_push=AXcoOmRITYYVOZcfsJJw7MrzfiM1uR-29HPuWvMEf23y-xGroFwYn4vYuY02rqOOugZXXiw0YFUmO...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRITYYVOZcfsJJw7MrzfiM1uR-29HPuWvMEf23y-xGroFwYn4vYuY02rqOOugZXXiw0YFUmOhtSWdTtQKopd4NM0D0l-4-7&google_hm=WlZsS1k4Q28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRITYYVOZcfsJJw7MrzfiM1uR-29HPuWvMEf23y-xGroFwYn4vYuY02rqOOugZXXiw0YFUmOhtSWdTtQKopd4NM0D0l-4-7&google_hm=WlZsS1k4Q284WDRBQVBzUy5QZ0FBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 18 Nov 2023 23:36:03 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEHDFgLSzgGkMX0kzydlWLNY&google_cver=1&google_push=AXcoOmRITYYVOZcfsJJw7MrzfiM1uR-29HPuWvMEf23y-xGroFwYn4vYuY02rqOOugZXXiw0YFUmOhtSWdTtQKopd4NM0D0l-4-7","cluster_id":0,"gdpr":false,"ipv4":"31.164.63.86","key":"ZVlKY8Co8X4AAPsS.PgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad435"}
X-SO-Key
ZVlKY8Co8X4AAPsS.PgAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad435
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRITYYVOZcfsJJw7MrzfiM1uR-29HPuWvMEf23y-xGroFwYn4vYuY02rqOOugZXXiw0YFUmOhtSWdTtQKopd4NM0D0l-4-7&google_hm=WlZsS1k4Q284WDRBQVBzUy5QZ0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad435.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
156
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
31.164.63.86
/
onetag-sys.com/match/ Frame 48F8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECfDVgNSdUx20TTR8w44x3Q&google_cver=1&google_push=AXcoOmT6kUYCVwQx0us92C7krWZ_KUPKS20ASHj-IcNiGWJfZzTfUs-0e7FQGLhM1D6JuBTojvAen9C7gWO...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-TKjvDfai8wWknAXqvCxSwO6BIlHJulcw&google_push=AXcoOmT6kUYCVwQx0us92C7krWZ_KUPKS20ASHj-IcNiGWJfZzTfUs-0e7FQGLhM1D6JuBTojvAen9C7gW...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 48F8
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEN0n2wpquWIetm6BFGfyPIQ?ext-param=AXcoOmRmWhfygZ-xGF2hKErxPLMnCb6PEF0JG3ihUuXRdGhK9KoYfqawar-NlQjhPQnzkjjmC9oG7Fv8KWAjTNi-5eO376jlB73L4w&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEN0n2wpquWIetm6BFGfyPIQ?redir-setuniq=1&ext-param=AXcoOmRmWhfygZ-xGF2hKErxPLMnCb6PEF0JG3ihUuXRdGhK9KoYfqawar-NlQjhPQnzkjjmC9oG7Fv8KWAjTNi-5eO376jlB73L4w&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEN0n2wpquWIetm6BFGfyPIQ&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 02 Nov 2024 23:36:03 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 48F8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRsiCuIu_QHkhuRNj5JwVE1WBjGnTwRxNQzq2-qX1HOjCRiFp-0GVGI1BchvbtCAHw0QEf_WY
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:02 GMT
x-amz-request-id
081SX6Z0FQW0GJ1R
age
2660
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
/0zMik6Ni4YfRkSzWHZyQyyvjLzptDPMYRRYEGrrsmraHcsVccNDTiKo0lnzw0ubJxaQG6B1aH4=
x-served-by
cache-ams21081-AMS
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700350562.040599,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
55
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1837
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Sat, 18 Nov 2023 23:36:02 GMT
x-amz-request-id
VQM60MBKQFQCY8SS
age
14768
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
c0fAurhn9vBgbP8wnJn2qGbHXMl5w9VV2jDxhusPnM555o+lMkYVqeqQaj6/ZFBDYNqAhNcfUlc=
x-served-by
cache-ams21081-AMS
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700350562.040565,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
56
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2271
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700350558957&gcd=11l1l1l1l1&dma=0&cid=1109969163.1700350560&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700350562&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=%E8%B6%B3%E7%90%83%EF%BC%8F%E4%B8%AD%E8%8F%AF%E5%A5%B3%E8%B6%B3%E7%99%BD%E6%B7%A8%E6%AD%A3%E5%A6%B9%E6%9E%97%E5%8B%BB%E3%80%80%E7%B5%90%E6%9D%9F%E5%85%A8%E5%B9%B4%E6%AF%94%E8%B3%BD%E5%B1%95%E9%96%8B%E8%AE%8A%E7%99%BC%E7%BE%8E%E7%99%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=5908
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Z0TZ7TDHS1&v=3&t=t&pid=1048897341&cv=1&rv=3b81&tc=25&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=www.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tdp=G-Z0TZ7TDHS1;86690812;0;2;0&z=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-Z0TZ7TDHS1&v=3&t=t&pid=1048897341&cv=1&rv=3b81&tc=25&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=www.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tdp=G-Z0TZ7TDHS1;86690812;0;2;0&z=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Z0TZ7TDHS1&v=3&t=t&pid=1048897341&cv=1&rv=3b81&tc=25&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAg&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Z0TZ7TDHS1&v=3&t=t&pid=1048897341&cv=1&rv=3b81&tc=25&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAAAg&h=Ag&tr=1gct&ti=1gct&z=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Z0TZ7TDHS1&v=3&t=t&pid=1048897341&cv=1&rv=3b81&tc=25&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAAAAg&h=Ag&z=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Z0TZ7TDHS1&v=3&t=t&pid=1048897341&cv=1&rv=3b81&tc=25&es=1&e=gtm.dom&eid=8&u=AAAAAAAAAAAAAAAg&h=Ag&z=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 19 Nov 2023 00:36:02 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 604E 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
47296
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 23:36:02 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 550A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 19 Nov 2023 00:12:40 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=U8hIhLS0tdi8qiKYJZyJ%2FZxFWOnmuCkoCT92hRrK6pvBfPqNT1Zp9XcufJM%2B11mIxUnQc0qStzshclQMfKOhiX%2FEwvGqdJYR%2BqwnZ53ZyXfYXuCWFlO5jlNsAYM3rs1p3TzepM9uyZ6N%2FErXCQi2f3nGEMpXHv1Mj2j63TL33zhi8iLJHQc%2BumGGU1wyUfWCHGUA1xFkrNYGsxtgUs223HOfSyk5xALVAtP2UdRUHHVCajEQWQPSegudpLB6p3xFMAC99oT5qQocZjgPkwxpeZVgzn5oTDy88IvB9t2b6tAr8Jeck6y1WNA8Ay66FYu7z8AfzJucbCwsZ5EiFrSB0ciIBubMOIT9wEK8fKxQRU38Wv2X2yR7%2FE6%2BOqgEIHnfWlrdpWM2%2BmylVRPOWrm4pSCWex4xvkNbvpASbPl4PqTR5IM3U5%2B134vPs11xg7HbYhf6X1x%2FxB2DFbww1r%2F8abrIB80nwxR0UWHOqftnKKduXK5157S8a%2F8VbCVsKBQeIyVAJANqmqerijRCxxeDMinzWdxPV2%2Fz4MCaAflQLSZkFbsqqIWGy52Mlo4YL2QoZMV896KbvoW41VHzNNxnrSzaqA78pB1kLhhXzwQn3XTOWocPuLbX6sKEYH1PxPu1tpoK4GGrXGseUylBTsVF0uuZ9Vg%2BVWRxA1QuTNqgmuc2OXUJu5cIOPQ1xcbVnYEBkvuMXLP3i2xJF8nWaT70LEPv5bWj9bkdRq%2FJIMOEVwerMH8MoZgYSQvkCquo9SjLI%2F%2FcenE70wiga59ohZys5A%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7925 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8616877878788&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7925 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8616877878788&version=m202309260101&ct=76&x=1&cor=8012077641137758000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7925 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-lep4q7Kh26F32Vlr6wPiVaak37T_oBdmJdSj3dbv-bUMli9GP1HyYfgW7ORcS2lfKVD4k9MPoNZHAb-mE_mkGnxsKeu5ANu1jYITE55AgMH30DYBBTfTd3sW7X6esHSJX3p_EvokheJNT04K2In52iZabC0FQCm9uno5WfDilfLPLMA&dbm_d=AKAmf-D007G1HBdz6ud43ON3MfY1zAc093SKPMiSvi7RlXnEVWfwrlL3Jh730IytV26I4l2V-ABSuSYvQrlbeNtFM1hB5SpY5OvUrQl7QiRuPOEErW2cwr4abCZmI6dD9OwtC4ohHYHX39AR_tFgRX5nhNczsM_v8pttZePbdr9kWWDPoKEsDLwqcJ_eA_gO820sDEY7CiCrsF8sbUiH8EQTHxNiC4KsqrjmowIQnYynurJrnOVgp84Fxh_TWTGpVCWEBnJGOQG_LqESaPKddnmOebFhvROvQEWbRKNE-lQ9vT7-E9mXFCXtR8_9ROG7eUrhHPHVvGkK9Vmp9AKp9RbyIOVuBgOpRlvC_zc7X-c4tFC9i2qi2bTvA-LCwZhX8oNMr6eA9lfHuwGt2osYq1Q6sInsM3meXENOHWc5wRXyYtxqDbM9-OxLfIw-dEdoN-merQsPk0cXXjcR7L6VKOMdwP5XGzFKyDeJy4hlttz1EJnXaHZbPfirFkFNOfgJij5FX6iJlQNJJR4UT5LviQOIR1puucRx7tF9Qfgi8KvjppD2PdmXwdzanS_EdEOSUpN79Uv6bbatC3asRyzy7m5SMvKmr8bQMDIVBTOys2WJ0rUZ7IQFZUwGa6EXSnh75RHS5AXMHuS3ALs30qBG3vB9c2kA85VijBa3SI-mhDI8Zjw9PYWBDKLdMEP-R3OQ9f14SWjzggJQcXOPGL68ciOSaE8aLOqT4bW8cNhJCPFcoQv6ige-Dv-ww9ZZaR_5fU_9Pk9vvhjdI7vWbGqK0KljbfOPEDLIHSpcLswaGhUlWy5QvsOcBUjbSTMkCyg0yJ1UGEP5pAcXjD7VrkEJnvSF75Op_AudyHLnFt5pphyvSnfYQ1g4ybuEDSfgUkRw0tZQGqEkfaMRg3HD3hb7XOyPRHW4-wSqyh7ClQP-k3jC37LTOqcS0EEvZPWuWeEJgYKCmZajZx3LOs9Pizt3LCn79p3t45AEG7--p3Gc8zr_AiFfQ8Zk7BZndJpc-nTjJCT-WfPjjEc5IrQfDwDOkD9xvqjMEZYr59qmvBcmNIoPR-wOZZhATvqnaYAf9_B1_gazrAfBH-ecp8AcMy1otUDBYFDARYsBoH1rBC9TkD5Y5xXMAt7nvVRxUvgHVOjTXM15nBJtpEeDHJaKhqmZqoNQkFjMQVRbRtWDG6aVO49xfmXE0g6KZLbzNWh-rw1ac1VItFiFbRDj3-bs84qiD-gwdLCoKRVpr0QtqhZZd9rmn7y9q-ERZ8YKA6X6mywGdO57XcilRqU1Qrqi3VEbUCNmo3tXjt3u7WfqcgFBNEG21iymSeBerwpjQAbdUN7zTMAcH8oAp2EGb8VKdBjKMMrHKEG5G7qr_wlV6kKhzg7qq-ZgceNRuj9YBgryzP5s698vJz5L89v2r2gnkK2ti1XVX5wUSaOoQ6aYgqgVrOsD7X-oMZEKDfpn6eb8IYnoaNmLkKEiVNkFx-dReDTdRppFs7D1jYqn8Pm11Cvsx9sfhD8FfV-l5Mh153XNdFulcEA_NoSJlcxJGJyP6Cfq3kJ7FMJU6_y1KjoXU70aVSkF4xTw-WOhdRcSK_5WGGH1IEF-EukqSimNY2c1uB20hvClJEtezgzGYK7-0fezHRDG-xZ8dUWYWcEEPwpdbHZWgpMJdYo7OccZhVfHdo354RvkAlLFjhUoryrjcu2xuZySwafnJt96m-AssP_5kj8py9lXtHU_OXBktYrUS7rHX-lk8hc6iNude3qXsitsy4Z1kSws5ppjRfcpudP3IXj9QtqCQ3PyPhOA62OHFGu_NjHYKXnyEQCeXcozg1WCpAg7NOmF3-IlUM78b1jey0SqpihZ-mEt6tBMDCPcimAeskpq0-8TbhBdOaWhSBNmVSMu1Pvysx7mhDZZmXFFpbVFoz9Tk9mNruhnaCXbf1YHH3qcCSzlcOMKKdMckhYSEz8_RRDx9vKI6LeWk5phwaGKdTonqGX9YOYmtaYf6r3hm1CnMIwVoZL8oqeujh67oWaWrObBwtNii1_R98n_S1vJ048FTc1xE2NA4p_WfD-bwMOyrz278DhUwvqKredO0oO0RpHIoGZ-MklpiNFYAqlfM28Usu5uTXxuocTvH0s1nKv964Ucg5XBbvL8M7oJit_uTHpRKLZ4hhtD2OYaEtEOQjM7LtooPpGm9wI_LwZbHqYeE6X9s3qU0UIB_IzPRtUtjo14nNx3yDk6RTV5q_TJVOM9fHB1tFXIvhdYuUM9p_qc-FxaNHg9qAZm0HQnKwASPKCADjMOGRMHbCIbzATpbDvhXEYbS0WiHTfC__NbPI9FuUy3ji3pVIfpGQNEgKMn_7hfhKK-y3DnARiG8-43OEXKv1uvrLaknI2r4H4psM8jmRyk6hQoVxa-RWks3Z84DFmbfmpRI72pP7uLOzQxMxWvi7gaqY-vgoP1Cg3GHhs53OpFO5SSMbblUD_XWEZXzaYBwU8XTVwv7kuGHJCs4ijezbsg4zka-nqf6LuBv9zY0PAvLgrBm3fCjaGQmIzCdXYDqTYxCvV0mOkqVz4X07buWLYEtU77eBTd3uqWFUaWgBBwMtZWZLKT31VZLSK-BURFU2dcy2oidyn6hgho4fr6lMMZzsYdBvKKev9eMxiq_kAI_HOj6etv74NMxdK5kwuEtYxO79836lPfgE2NfDAiSASDu4lQlBpVqq70GbndMh4gQ3M_QROneVW9Cxs5PSi_RQEo0lR4KzxIhr_RHLuIy8S08AnDi7jI875eEf7F0iNkS4PmA77rJVBZXHMPJ6sraOdVVviE5DLs7tx9BzYEqHwfoOkKMUftkZzqnFhoyoQdDlcLV68vFhgTTKrgSnJS2sJ63tloT7yG40eu0PogBw3g6JihTtJ31y5D2_pdg6kxGA7LTakSB0Ke-plLTCjwJOXRLCirWsXeZpczZqbiSRroJEFXOR13EgxkjOXUbt7e4K2khIy-6UoLho_dXyIK5XogbuvdrmN_msLpMnpjetc56jGKUhxTYnjzhrBYlYCTexjjaEZOT8ZEakxx6ius-RpAiDf7k04HYr02ODXKYQX2AkS2ufV_wx2hP7qRWDnG6p2AKS0ELejnAXTyU-kEyh9_VZW1qio46UWXiALlwIVdDvt7VO0cTVCXb4eAcaZ1m1ocb5gCI0XD--VnF-52lKfMkkkfJqEfvmj4nrRRQlBzoVfDR8xQaK5-5LmAZyw1J9xwWM-05RUNj4H_SeyfcnI9LuOzt-IPSdJSutfozRVTote3J4sQRkdS33bEwQNO9UHy3y6PzJIfaU4oyxJwkg6bgVgjz5-vYlaUdInCwl2RhVGFLxIl-pEBiytFslCxpQDcafVtZrVjv7oUuiWiqQDt55JMPx41pZnrkUHXbh3ZXUPmuAGKPTwKFbosQEhKdWPFPIVzHTkGO-TQ6UqKUKzmQKPbxLt7Rm7SO_yuBzrWV_VObYjg6FYi_A8pxOeHNTBG4rn9SLrujjia8jclytCEDUXtWpAaVUaUhW-9bIc7vMqHFJ4XFx5NZFBeXb2jEPh-_Ypwltaz3docPkzQ5_20gGApqzaXDNCaxjrhG4Jw1CEiYHsRs1YT7NcVQYe6WvH8ceQ27zIVOWTSg28clJ7UNexpDKOF7lJ6xiR7_rEJmPM5MhKa7pqnf8qRrqV4pG4Hkujf3lIFJW0KHWFcHYC5jqX55Aeko4APS5FeTZJHCaRClehGSg_0yoTMGttM_BIPhk1doPdFclL0x3CeW_Gp269k3lRTmtVT5832xkaJ689aYx6y3k49jzgHrTzzkkjaTuCSA17d7K3Qqva51Fzx3pXD6ATFP7jdhVn_J69oA6YbYCBMFBcFWwZjw7qVc11KBc61RZ0Bb2Mavhj342yh1AP8kMF0F8LU9t_bHlQuohmBAqN5NfAhzXj_khi_2mGTPjc5v7bxx1WD-adD2F8KAZ1vLydtm4XLy431oVQL3icleW7rSml7D1dbmOD-E9qlUxSIMK6RniHudbHD_INJUSSDcB4Tauh-D7dv1dwhYiO67goNFoHdoLLype7Lv4iMKvkJh9gUuKPX5WuhWh5qNg0Pw4AHQJzHbI1kHQEBaVKJBrADHITUou-ZIQCbSbpY_fJaAjwBDcXZtyTAgZZfiTNPx_XS-y8mmuIcLWPyEy751zdMTqBR9-8mcYbWYmV6hPiOLTD_iMrSttlf9IHEvJ8&cid=CAQSPADICaaN-6MKffT_vgoEMfcomn7OikPwJLC7gA2VP5wlmL1VlTVGy-MSE0d5ACo_yNMLJqM1V-XDMJrWcxgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8012077641137758000&adk=1033480531&idt=110&cac=0&dtd=31
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
57429da13779dd07bcdcc1e494b3aff0ab03e88a80923e621f0f3cfd89a04254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39092
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 39E1 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34557
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:59 GMT
480_650.mp4
cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/ 		388 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 18 Nov 2023 23:36:02 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D8B 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9190017524040&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D8B 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9190017524040&version=m202309260101&ct=76&x=1&cor=15733100555584647000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3D8B 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CItqpvxfBISbNDDGDGd9OOq6JK_FIdHm9graDtxSAbxkp_uv7snIVO8LWoPm_OnygDa5yBCv_tV8EvSy7YUmE0lyADbku-CA0KCAYccv0rGBF8sF2KGfSVVfDX1IhcYQNebtW5ujehB8ii0nP89LQCqq5SrZdMHW4uSLAUSjMIHdmcb4w&dbm_d=AKAmf-B_JkMPZR21U5M0jQzuwmQVqsgtxaAsYAV8ZMMw7zFvaxF1eQC5C7No89zldaMR6oJ8LXkvHMZoijz_YvwGHNBCRs7RawqlGwwgasB2Lnzo0BT9bvm3jG_F81V0C6tfHFo39RbE2ILpDkw6qIfKYSbB1zclLQyjIhScsPzsLkY-q-Z9_t3N30zYCGGzfKap-FPhL6osm94EBG38itCJ5SzOh7mEl3IrR9K5vjZ3Fk0jRpziYpT5m7rfUDrpA2W1JJX8f5QehjoATpMpmFxer90yAkLEq_eg2nOfIo7He1dKwVR1Z_p0qtZaY2jYMriKALjHw4B3VDMTSvAbL_Dk6X3RL0j7U6PGpqRUT9NDHAjh118d7lEU58iEtXM501nCa3VUfoxD_8aCaZiSbvUIaoVyDPe899UtzQlQoWbILTM34AIBsxCEadkVjKYD9GJA7bmSgoIGJqjT4nN3P1-tDQtg5YBbtojsY7I2UHcx2x_WM04WNtj0e028WPsvABkI_vHrbkZBUTrHMd_zE5gin2L42JpSI2gY9RJWgaWFRk_RIyrnSDnc0ndSQVB0BrEjzRqPXufDyYh_-7_OYmYLHoLP6JeIynwaQEPh_0OZ9uaDaW_SrNx0kxhzvENq1fxZV8HO6O4lU6zYwgZq0RQh3YRmDwudVhURhYf1-m23_gkhbWnpsYbOhnfH3g2kkXIw2oTCFwmANCoMD0yioD4dZcvI79Rbz6yhUmBbhuAPuJW1qpLSdS_uW71dliGVeRTGFqRbaUnDTQ66bGQq3prFLMBqbcWio70hejjDkBb8XCjeuGZu9hAQjpYJ28tX9HjiiytC4vzF6j5B15z4lr7hKnmT2rNwGLqAwthtenfkA2lAXRh0SEeVea91-_8_l9x3rowJ058J-o0u0qr1GbimH2j4PXB6qRZDUxDNhz-LD9ZsKeuk_3hyyiJhBIyKdGUbOdSAZV1coYmkY067eHS3nt20EzP-aEiqquAQXVG51nCEROnjj0NyBqznIsvc_vGqORDFcn10oR9FdClFxvuPfwKc8YhdGuLmBNZO1qV5ihCaryFKCnIt7tsW3ak5DOeV3fQTmCCyOmg4W70PUfV3iqCV-Azu19gYeASknFTDf6bOHgOPVXU6Jc3IQY4fHp_cY4A89xggE4_sL83mOO-6MQbFXxjADI2MwSWY6YDQRHz-iRNEjbnVr2pyDHkUwRi7sFwC8q1PYdrrZEGHXPOOoXPFiBQlQwZyw3aWZ1cMWp2wqZjYKuTrEYGVoeL33gmL0d6UzBLiO4jhms_DYdtS4ZYSVPOwi9MZN6sZ7cMqWBz90LFcfHqbNtto3Y1NKvp6xY0iJbVsNfuvrmKvnc9RKJgCsnsyOAJkE-1uYUEnlF3cHCkV7YK1c_Z0x8ksgzMRNW16rFlnSo_ppXtiL6ksDXG1sZ8A9XJr_emNIGeOM8gRDDWkxYjHZeYljKl8m9hr5yxCv4VrRoLVoyVnSqCOLFSETPpnhEMPGXnS9ycH-KwTEj4gxu-_LzN-QnBbXHpeopNCUljDeMZSxiS3E2bOwYnaunHtJE6wi5mWh5nnj40Wsfs9tvbbCrdSeoFM9IKME7oOVra6CvKu4NIz8X6G5GFSK0YHOq3kUjhh8dUZNVlrshcndXEEuOfGzn1uUw26Me6gW5B2hZapRzKNQSrqslzb1AIt6OLQ9Z4ZmkqGsp5fbBSPruxWjwq0oFXUzunhT3V8iDTVH-etw_d7D1BawFberF8NwDBwvMe_a2xGU0XNt0AboDhNUL0sF8lO3sa8ed-2G3uQ7lcQXzvC8ee7Etrv7tU9A1XC45X4kQlvHhiVInLdPcgWnYlhyAlHpxzNAgVv4tG3rc-WMIvwCYZa3ZB213qvtp_pT-KZfxSW6Q2Htki8Q3NMA3JsKxZOqeD1GOMvcjA_9kINi1sSjVdGdtXtsgM7hgZlxb6PhseM0_KsRDzDA_5d9oH23sMVItLydz12drikPUC8k5Lx0WVsGli1mZSKuE0OE0rfPH0ckfiIurhF6eT9Z-A-WYQP5okaq2XHTpkWMvBryzyuunK7153yastGUyVs6ESg0JbA0Ixq8Y2032XFqftkotJXInNq8GH02WFEZx_lWrwbfcYM8KT-JeF-jyyVn8o1SU_tuvn241Q5zb1ZlwhZMYmMwhUQRetoZwY8NdPXew9z3h2KI_2ghWmBZqqpaSRpVyZ960u1qmW-2KWF3Fz1-lIMY109suMYRVM_1X15hC_Ket6-47ovCt3kXCwsrHKx6JS8U1JRNBdmRKIseSdjYwsYtPumeRGMx_7Zag48YYdn-fT2AKtd2Z1K7m4SQtd4fFSZpVCPUUauG6gzU78ndh2gHqb8aGxvElFWycodoi_HKHuPGOOwGxHuKo9RZurf9TJ84EvYhA73AM1jGHzIKVVqXu6LShxsBDDHwmZ2OekKz70LkJzgQjwm2kv32bR12ZwMFoGVBKJqQLZtUbgpXn-oBENv2IwxMERqhZjJlMlepbndI1spG2Z46U4vQMZujKDglUTqVSSRFYEVUKnh-HgXFSM8Gih_R86TOFdP44MZh6ei7k_vRLtQ1XIOyEw_2d3G0ilq6LcgEpAjkUCFBLhAwkvsdj2VESh-p3AVfVfCyD2ODZxopoJ-o5QPPXLOo4MuSOWfW2cAR7FbnwMT9eWYJipKPUGzy8d4uTCoZC-HeEYc84zimzV4HsWvSMZiIYk-Ln6n632bJABj_jQSLIBEtUFtF7SLdVYo1JPoiL0xoT9ZdWR8TTK8ExEfIdsropTU25-8otIcLSH9Pg3izY3zozuCk4OWaCroSu7ws0sDid5z2BE-0YXPqFl-lZ_sV3ZG9gDuBvk_2G4LSfdkCcBacpYam6HDh5uXgDMCCU_P0KsfftaJ1QmNR4waEuof2YBMVGjgAYNsJqX-ZFpAApPzQROwcaeM0eRkr7mNqfGC1VW4HgVF0SyQlJSSIdj8O-Fa4yBegv5hwrLjMgL1juq0Vsx1Gb4xvTj8Ve3sG30P-CwWEBTmxVmmrwidHTaJuw98_DscSa9yjnU6ZcrRwkxf5ikPdCsnEcPuBTNVgznzrUUOGIXyotsnauGoFNJKkiF8KfOkiq0n8fkxBRCIHWKbjOHUP0ZF4zWvVSg5JdN6BvDU2TZH98qxqHcfbc59eP8DOUzAmf-mN7jbhvP0eoFNFyORQQ9nARbAO2x22n73g9EuwSoAGIv9RfVMM0KfXsQnnqNL_OJoWvIwBFmbRlzTC1VCT86NuogaQW3PCKKqU5TSlKPBpa-7sTuFol9qako3YpmcjUVZDelISkxAWBmIJLZ7SNqJ3B8gL_XhToe1dYif3sX3jQz_UHRzaeBKhh7wSbWeDmrFtF1sWmqZjcBkk4VDNLhBrcYLp7jRDoUpFWtbby-CktihRIAH5Ai-iaeJVCbU_NWkMSZJeENg8MQeK-0pRNcaqQsbD2BO0DP6S1T7dveG90hrPiNOuPwhCDHwoSEtkOsZweeSMfbGWM5UDTHPyyux3HlYqlPQtKkRPCUSWRhMKJ_LWaldk-kWKiOjDYlmBrKyvdfuR9vLhKPmjUX_jshlnY449-FolRrneD8cMu5jjH0EclmECzLznBe9pJhhqtNCZEXlGObKPsiPIfA48V0KoIGjvkNv98jSG8UjjSzKGPT8X3eSLjkIb_gObz-Vyg8eXf7_fP9vRUtnIuABdh5qF7ZrxtlJ7AE800BsliiPfWVCcjGvf1KEpnXm0qlcuRpghbAHM1DaCeaHdnGdvsqraEV-NqnaVhpx5xf89mcKKPXwzJvcrAr8fw1xsnNu-niRSXgcK0a5mPnjLyHs8OD5kEAEUeqiWRvPJ8eK4ky-O-HMugfiCi9P05ZXvg4iUjPE46Jy1Jaq5USkm_1gt4L0S-Udp85WNkvEvit8JkkR4MT1J8uetfgS9AS8cm348Ldq95wZ5AHFJ-mj1GUfczv6oefpda6CLmLybux_GZVbHJ44UmDoF7QV252SCeTFhEhm35ugbrggTed3Rdy7InfPTytZZcX4kzyGdoOy_QvRP6nHpTYJv1moilWl4K8YJDTICdKi4bRo7h96tbOdAcTJJLMcAv6Uul_-wNNOu8MQwCNfMODdNSXYuvGhHonVpUM1az2Sm8jz4NoNXxft3QVWkcTa1ZuULcbeqFgqbEt8YPQSVUpHd8f8IsRC43STurJhzlc&cid=CAQSPADICaaNVkFexjEuKV5Z-eND0WchB1FuPwag38lc9fEwIIVNyp5j8Hj78iEBpsHgAozF3Bfww2ry3cetzhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=15733100555584647000&adk=4188270525&idt=125&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
f20a6d4f7446e90fb990e543c1307836a217e5e61104d8dc0dfcf82bd3c8d616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39135
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-ams21030-AMS
date
Sat, 18 Nov 2023 23:36:02 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame 8849 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5d26306d0240b4b8d05a271368cd0db01bf647a518ded0c8c7394eed97ce58fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137248
x-xss-protection
0
server
cafe
etag
12204827010449188375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:02 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 193E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
5922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 21:57:20 GMT
etag
16674218716276178799
expires
Sat, 02 Dec 2023 21:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
cds.taboola.com/ 		0
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 06:17:50 GMT
x-content-type-options
nosniff
age
62293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 04:55:47 GMT
x-content-type-options
nosniff
age
67216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Sat, 18 Nov 2023 23:36:02 GMT
khaos.json
token.rubiconproject.com/ Frame 39E1 		7 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0E93 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 23:36:02 GMT
pixel
cm.g.doubleclick.net/ Frame E6BE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNWF394cVdafEiMFZb_DantsRTJpit55VZOt1mKIORqpIkVEBN52O426hDM5Ix6qmS_lxyqlBj9hjW_YmpIzEU0cdwctrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E6BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNWF394cVdafEiMFZb_DantsRTJpit55VZOt1mKIORqpIkVEBN52O426hDM5Ix6qmS_lxyqlBj9hjW_YmpIzEU0cdwctrA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jydCp0mqWmTnYP0iF2wYE45beLcVyFamiYwDSHLxxE6jC3z06PHIBE8K44IIsjypsIbbmpG4ZZJxA7I4y40ScbbEG3LutI1mtj7gP1A5wzlryIv3Vd9K7XDBwF%2F%2Bfy0VK2l8rHt6JBKnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
828408886c590221-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYP7jgGrAtC5FhLQ9x%2F3D47mJ7LdxNiobdPYu7%2Fn3w6fBoTQaW7wLpIGRMInC5jJ5SZQ06MdFV5IRbEWijm%2FFi4eOIxwIYR%2Ff%2Bk2J6HbENaZscmGlmYhCCu9tF%2BGpm7ky0DjL0J7liRCdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
cache-control
no-cache
cf-ray
82840887fe660219-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame E6BE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVlKYixMYebMuplBAlkvygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNWF394cVdafEiMFZb_DantsRTJpit55VZOt1mKIORqpIkVEBN52O426hDM5Ix6qmS_lxyqlBj9hjW_YmpIzEU0cdwctrA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKwxbS46A7vtDe6GAq66O9LjMqVUznRuTx8Qrv0po2RSAOp%2Bo0ypDvQoIoXz1gNMp9tTR97i%2B6jAjdEbh9fcO3MHoWMVefX4Nd56wGB%2Ber7VBDEq5J7Y%2F1qitKcfaJVFvNHE%2Bq7gO7BL2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8284088bda140221-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9A49 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNW6sWpdvB11TJc1LoLLXoPbtHu8Jva1DbpnKtmM1l3JaNzXY9S5IrAZuOlyEOTdCxA_aHDHdnhrSYue5JA1FISyIpVz8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9A49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNW6sWpdvB11TJc1LoLLXoPbtHu8Jva1DbpnKtmM1l3JaNzXY9S5IrAZuOlyEOTdCxA_aHDHdnhrSYue5JA1FISyIpVz8A
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NZFNRr2AW0XWoBD9GxXmkiWJy9BKxOIVtxISxyc4sRI146YaccceibgVO%2B8FLiP50Ym8y9FGOMtK%2FQwzop18DPpYNE4EHzA290elLvAMI164p%2FASlLYVtjn5YY3osWpFsxEFsVP0lm45A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
828408889ca60221-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPoTdjH2e8TkldhEn47%2BLaCFNqpkMcfGKnYHjKUXp%2BRMdN%2FBMw4XhPWGoXLMCX481BV%2F%2FtQrecHcVU1x3S9WTuE5PBj%2FWLbj6j3dD%2Fn0YxlRvZv0A%2BupYIOAqAOgb6ibGyJ%2F%2F6m%2FmIQHzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1&C=1
cache-control
no-cache
cf-ray
82840887fe6d0219-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 9A49
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVlKYqCSXzBvE02eIQk4qQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
0
0
480_650.mp4
cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/ 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 18 Nov 2023 23:36:02 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
idsync
sync.aralego.com/ Frame 39E1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP4OTLUF-G-2PUA
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP4OTLUF-G-2PUA
0
0
ypd_assemble_html5_ad_v2.js
s.yimg.com/ch/html5/ Frame 2DC0 		1 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/FJ58K2LjJ80SbkWSzpVQe9BG9QKa4ZWY-Cv48X4JDfCtceCEIlw2yhScjfQi174c8S1MsJnEI2CrtRTtuy8g3pJ3GzECh9UQFXzVawI-ccWP6kXKdVUvmkmUKjhFVzUqAYyd8KmpZnFe94PCj3Dw6b-tsSvPLgPbAYemIR28aQ7Ms4JDuVP3xdN9avVK141ptPj02-C3NsT7oLJiBByoWF7bw89zWTqulI2EGzIfCdUneWuO6dT-vKq1KpG-oU1V0c6TDZ7D6VwSdUTVHlU0uzar6Y-2D8aLG_3kyxgDxTSXxLJwCTrAw_NKwOyZKv3BIkQWqOUoK6lrh_xO89y0ma_a7zP-vT6p-6DAOip-eiJkoAVY1ekNPDOAKwwYm6p0I_DslvKOCC93yH-VpiaYI4dBIM8slaoKmf9erbgqKWFOayZjXCPGDlR4CysCCbLTPr_gOW-KSrjm9o4JpIvtcY-eKJSZv0_6rQSouOrfR2aoFkIMW2GYqgJyL6dmUkpZ4OAxib8HpGJngz5ac9Y_VyRZspE9J8gikAmVvgbyhfgoXmKFVmRLGdfJ76Xh-ZIU_eIlpHhsOBO5iDOlZYtoZfYCGQE5E3JQCdZAsxzk3z1K-mZtApbtF9pY4ElFj0bwnzJS02RSGHdKNT3Qq3X8ORPd9vOBTX7dCv2KHJ_vikBLJfDw9MS8nAfMdQR1NCJ6QInD1fh9zewegw-13TQH4PsBoYJv0ZZ44tb2iPym-qG3syT6pUt1qIomF4yVTwpGQD-wpfgeDwgBmtGVYFWQk8lM0p4Fzy0hRgNYSa4YAppQtt3UiBrOntuoWcXuB5CrgKXYoPoOnEM49zJrhWntCYLBUGX6FTrOzYLW-xHoCGwTvHbEsyF_6isurX_JUZDHJ8HEddc_jUNVRmOesDPayL6r_n62ryyG1Ffs9dMVstVlMsOjbqWcW1lro7Zx_NOD6MEQ1C8Av2L2gtJciRZZWPXoTH-FZ_7X1qsvF-7U-WAf1YubJZOKJveIF-VaKU1mh0BCUaCFYOXwBC-icaieVFHAAqx0P-xHhm-ENj4Ys5tkoTAVaG9Fh8B-OjViQeU2yyYA2-mfsT0m3D3GduDKAdrexwMEiwdLLO6s90KRArkBiC-PF2G1uDJ2C--blQ0JTFbtlzgwjSu_Xa60xeqyD6uF967IaGTk9YQpfQcPuFlAELGBjzvFYQdG_Vkh3sEuco0NEz3_DjmTPnpkivUzUi2tLtc188ypvYv4tvpPEe-uR_tBa49uq9rUfS43dTruabb1NuCMKSre06dhXSFzdUUXQIyhkcCWR3zS6R1VUgu5XecHJMEf_CVGpTnvI6FeG8soIZ_YGcCmjYFm3r0eStlfQZvEDaf3oBPzTF_SMLnBkiECCjfjCBxRx0Kzs5uCx-BprAi8L8LYnQDDnU78Qj73K66vwNF0/wp/0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 10:54:04 GMT
x-amz-version-id
null
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
P98QQ4SDKHHKSW6X
age
45719
x-amz-server-side-encryption
AES256
content-length
639
x-amz-id-2
02ED/tGsPohieqZKFGZhJt4Ul2ioc0BZg3ZLQya4Z9IuMlV7/JqMgK+bHhVA5cQhPCtFSPZDaVPm33H4GvChOw==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Apr 2020 21:31:50 GMT
server
ATS
etag
"4e35383cafebd24c53a0b609c80aa6e9-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
inside-20.js
cdn.js7k.com/rq/iv/ Frame 2DC0 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside-20.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/FJ58K2LjJ80SbkWSzpVQe9BG9QKa4ZWY-Cv48X4JDfCtceCEIlw2yhScjfQi174c8S1MsJnEI2CrtRTtuy8g3pJ3GzECh9UQFXzVawI-ccWP6kXKdVUvmkmUKjhFVzUqAYyd8KmpZnFe94PCj3Dw6b-tsSvPLgPbAYemIR28aQ7Ms4JDuVP3xdN9avVK141ptPj02-C3NsT7oLJiBByoWF7bw89zWTqulI2EGzIfCdUneWuO6dT-vKq1KpG-oU1V0c6TDZ7D6VwSdUTVHlU0uzar6Y-2D8aLG_3kyxgDxTSXxLJwCTrAw_NKwOyZKv3BIkQWqOUoK6lrh_xO89y0ma_a7zP-vT6p-6DAOip-eiJkoAVY1ekNPDOAKwwYm6p0I_DslvKOCC93yH-VpiaYI4dBIM8slaoKmf9erbgqKWFOayZjXCPGDlR4CysCCbLTPr_gOW-KSrjm9o4JpIvtcY-eKJSZv0_6rQSouOrfR2aoFkIMW2GYqgJyL6dmUkpZ4OAxib8HpGJngz5ac9Y_VyRZspE9J8gikAmVvgbyhfgoXmKFVmRLGdfJ76Xh-ZIU_eIlpHhsOBO5iDOlZYtoZfYCGQE5E3JQCdZAsxzk3z1K-mZtApbtF9pY4ElFj0bwnzJS02RSGHdKNT3Qq3X8ORPd9vOBTX7dCv2KHJ_vikBLJfDw9MS8nAfMdQR1NCJ6QInD1fh9zewegw-13TQH4PsBoYJv0ZZ44tb2iPym-qG3syT6pUt1qIomF4yVTwpGQD-wpfgeDwgBmtGVYFWQk8lM0p4Fzy0hRgNYSa4YAppQtt3UiBrOntuoWcXuB5CrgKXYoPoOnEM49zJrhWntCYLBUGX6FTrOzYLW-xHoCGwTvHbEsyF_6isurX_JUZDHJ8HEddc_jUNVRmOesDPayL6r_n62ryyG1Ffs9dMVstVlMsOjbqWcW1lro7Zx_NOD6MEQ1C8Av2L2gtJciRZZWPXoTH-FZ_7X1qsvF-7U-WAf1YubJZOKJveIF-VaKU1mh0BCUaCFYOXwBC-icaieVFHAAqx0P-xHhm-ENj4Ys5tkoTAVaG9Fh8B-OjViQeU2yyYA2-mfsT0m3D3GduDKAdrexwMEiwdLLO6s90KRArkBiC-PF2G1uDJ2C--blQ0JTFbtlzgwjSu_Xa60xeqyD6uF967IaGTk9YQpfQcPuFlAELGBjzvFYQdG_Vkh3sEuco0NEz3_DjmTPnpkivUzUi2tLtc188ypvYv4tvpPEe-uR_tBa49uq9rUfS43dTruabb1NuCMKSre06dhXSFzdUUXQIyhkcCWR3zS6R1VUgu5XecHJMEf_CVGpTnvI6FeG8soIZ_YGcCmjYFm3r0eStlfQZvEDaf3oBPzTF_SMLnBkiECCjfjCBxRx0Kzs5uCx-BprAi8L8LYnQDDnU78Qj73K66vwNF0/wp/0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b881933fe54cb1f5fff57af861b24625152804dc14462501e7f1fde3b11fe4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
MABV0HY5PD7V620C
age
3240
x-amz-server-side-encryption
AES256
content-length
14351
x-amz-id-2
rdousHVumHDDeKsOg6JvR4kxFv9TIgP1ozltfR+GeIK0mmz5o1silHyz73+3oXSAoeA3f3ru8xc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"f881746c8b26f5492cfb9be16c44dbcc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3D8B 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Origin
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 3D8B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CItqpvxfBISbNDDGDGd9OOq6JK_FIdHm9graDtxSAbxkp_uv7snIVO8LWoPm_OnygDa5yBCv_tV8EvSy7YUmE0lyADbku-CA0KCAYccv0rGBF8sF2KGfSVVfDX1IhcYQNebtW5ujehB8ii0nP89LQCqq5SrZdMHW4uSLAUSjMIHdmcb4w&dbm_d=AKAmf-B_JkMPZR21U5M0jQzuwmQVqsgtxaAsYAV8ZMMw7zFvaxF1eQC5C7No89zldaMR6oJ8LXkvHMZoijz_YvwGHNBCRs7RawqlGwwgasB2Lnzo0BT9bvm3jG_F81V0C6tfHFo39RbE2ILpDkw6qIfKYSbB1zclLQyjIhScsPzsLkY-q-Z9_t3N30zYCGGzfKap-FPhL6osm94EBG38itCJ5SzOh7mEl3IrR9K5vjZ3Fk0jRpziYpT5m7rfUDrpA2W1JJX8f5QehjoATpMpmFxer90yAkLEq_eg2nOfIo7He1dKwVR1Z_p0qtZaY2jYMriKALjHw4B3VDMTSvAbL_Dk6X3RL0j7U6PGpqRUT9NDHAjh118d7lEU58iEtXM501nCa3VUfoxD_8aCaZiSbvUIaoVyDPe899UtzQlQoWbILTM34AIBsxCEadkVjKYD9GJA7bmSgoIGJqjT4nN3P1-tDQtg5YBbtojsY7I2UHcx2x_WM04WNtj0e028WPsvABkI_vHrbkZBUTrHMd_zE5gin2L42JpSI2gY9RJWgaWFRk_RIyrnSDnc0ndSQVB0BrEjzRqPXufDyYh_-7_OYmYLHoLP6JeIynwaQEPh_0OZ9uaDaW_SrNx0kxhzvENq1fxZV8HO6O4lU6zYwgZq0RQh3YRmDwudVhURhYf1-m23_gkhbWnpsYbOhnfH3g2kkXIw2oTCFwmANCoMD0yioD4dZcvI79Rbz6yhUmBbhuAPuJW1qpLSdS_uW71dliGVeRTGFqRbaUnDTQ66bGQq3prFLMBqbcWio70hejjDkBb8XCjeuGZu9hAQjpYJ28tX9HjiiytC4vzF6j5B15z4lr7hKnmT2rNwGLqAwthtenfkA2lAXRh0SEeVea91-_8_l9x3rowJ058J-o0u0qr1GbimH2j4PXB6qRZDUxDNhz-LD9ZsKeuk_3hyyiJhBIyKdGUbOdSAZV1coYmkY067eHS3nt20EzP-aEiqquAQXVG51nCEROnjj0NyBqznIsvc_vGqORDFcn10oR9FdClFxvuPfwKc8YhdGuLmBNZO1qV5ihCaryFKCnIt7tsW3ak5DOeV3fQTmCCyOmg4W70PUfV3iqCV-Azu19gYeASknFTDf6bOHgOPVXU6Jc3IQY4fHp_cY4A89xggE4_sL83mOO-6MQbFXxjADI2MwSWY6YDQRHz-iRNEjbnVr2pyDHkUwRi7sFwC8q1PYdrrZEGHXPOOoXPFiBQlQwZyw3aWZ1cMWp2wqZjYKuTrEYGVoeL33gmL0d6UzBLiO4jhms_DYdtS4ZYSVPOwi9MZN6sZ7cMqWBz90LFcfHqbNtto3Y1NKvp6xY0iJbVsNfuvrmKvnc9RKJgCsnsyOAJkE-1uYUEnlF3cHCkV7YK1c_Z0x8ksgzMRNW16rFlnSo_ppXtiL6ksDXG1sZ8A9XJr_emNIGeOM8gRDDWkxYjHZeYljKl8m9hr5yxCv4VrRoLVoyVnSqCOLFSETPpnhEMPGXnS9ycH-KwTEj4gxu-_LzN-QnBbXHpeopNCUljDeMZSxiS3E2bOwYnaunHtJE6wi5mWh5nnj40Wsfs9tvbbCrdSeoFM9IKME7oOVra6CvKu4NIz8X6G5GFSK0YHOq3kUjhh8dUZNVlrshcndXEEuOfGzn1uUw26Me6gW5B2hZapRzKNQSrqslzb1AIt6OLQ9Z4ZmkqGsp5fbBSPruxWjwq0oFXUzunhT3V8iDTVH-etw_d7D1BawFberF8NwDBwvMe_a2xGU0XNt0AboDhNUL0sF8lO3sa8ed-2G3uQ7lcQXzvC8ee7Etrv7tU9A1XC45X4kQlvHhiVInLdPcgWnYlhyAlHpxzNAgVv4tG3rc-WMIvwCYZa3ZB213qvtp_pT-KZfxSW6Q2Htki8Q3NMA3JsKxZOqeD1GOMvcjA_9kINi1sSjVdGdtXtsgM7hgZlxb6PhseM0_KsRDzDA_5d9oH23sMVItLydz12drikPUC8k5Lx0WVsGli1mZSKuE0OE0rfPH0ckfiIurhF6eT9Z-A-WYQP5okaq2XHTpkWMvBryzyuunK7153yastGUyVs6ESg0JbA0Ixq8Y2032XFqftkotJXInNq8GH02WFEZx_lWrwbfcYM8KT-JeF-jyyVn8o1SU_tuvn241Q5zb1ZlwhZMYmMwhUQRetoZwY8NdPXew9z3h2KI_2ghWmBZqqpaSRpVyZ960u1qmW-2KWF3Fz1-lIMY109suMYRVM_1X15hC_Ket6-47ovCt3kXCwsrHKx6JS8U1JRNBdmRKIseSdjYwsYtPumeRGMx_7Zag48YYdn-fT2AKtd2Z1K7m4SQtd4fFSZpVCPUUauG6gzU78ndh2gHqb8aGxvElFWycodoi_HKHuPGOOwGxHuKo9RZurf9TJ84EvYhA73AM1jGHzIKVVqXu6LShxsBDDHwmZ2OekKz70LkJzgQjwm2kv32bR12ZwMFoGVBKJqQLZtUbgpXn-oBENv2IwxMERqhZjJlMlepbndI1spG2Z46U4vQMZujKDglUTqVSSRFYEVUKnh-HgXFSM8Gih_R86TOFdP44MZh6ei7k_vRLtQ1XIOyEw_2d3G0ilq6LcgEpAjkUCFBLhAwkvsdj2VESh-p3AVfVfCyD2ODZxopoJ-o5QPPXLOo4MuSOWfW2cAR7FbnwMT9eWYJipKPUGzy8d4uTCoZC-HeEYc84zimzV4HsWvSMZiIYk-Ln6n632bJABj_jQSLIBEtUFtF7SLdVYo1JPoiL0xoT9ZdWR8TTK8ExEfIdsropTU25-8otIcLSH9Pg3izY3zozuCk4OWaCroSu7ws0sDid5z2BE-0YXPqFl-lZ_sV3ZG9gDuBvk_2G4LSfdkCcBacpYam6HDh5uXgDMCCU_P0KsfftaJ1QmNR4waEuof2YBMVGjgAYNsJqX-ZFpAApPzQROwcaeM0eRkr7mNqfGC1VW4HgVF0SyQlJSSIdj8O-Fa4yBegv5hwrLjMgL1juq0Vsx1Gb4xvTj8Ve3sG30P-CwWEBTmxVmmrwidHTaJuw98_DscSa9yjnU6ZcrRwkxf5ikPdCsnEcPuBTNVgznzrUUOGIXyotsnauGoFNJKkiF8KfOkiq0n8fkxBRCIHWKbjOHUP0ZF4zWvVSg5JdN6BvDU2TZH98qxqHcfbc59eP8DOUzAmf-mN7jbhvP0eoFNFyORQQ9nARbAO2x22n73g9EuwSoAGIv9RfVMM0KfXsQnnqNL_OJoWvIwBFmbRlzTC1VCT86NuogaQW3PCKKqU5TSlKPBpa-7sTuFol9qako3YpmcjUVZDelISkxAWBmIJLZ7SNqJ3B8gL_XhToe1dYif3sX3jQz_UHRzaeBKhh7wSbWeDmrFtF1sWmqZjcBkk4VDNLhBrcYLp7jRDoUpFWtbby-CktihRIAH5Ai-iaeJVCbU_NWkMSZJeENg8MQeK-0pRNcaqQsbD2BO0DP6S1T7dveG90hrPiNOuPwhCDHwoSEtkOsZweeSMfbGWM5UDTHPyyux3HlYqlPQtKkRPCUSWRhMKJ_LWaldk-kWKiOjDYlmBrKyvdfuR9vLhKPmjUX_jshlnY449-FolRrneD8cMu5jjH0EclmECzLznBe9pJhhqtNCZEXlGObKPsiPIfA48V0KoIGjvkNv98jSG8UjjSzKGPT8X3eSLjkIb_gObz-Vyg8eXf7_fP9vRUtnIuABdh5qF7ZrxtlJ7AE800BsliiPfWVCcjGvf1KEpnXm0qlcuRpghbAHM1DaCeaHdnGdvsqraEV-NqnaVhpx5xf89mcKKPXwzJvcrAr8fw1xsnNu-niRSXgcK0a5mPnjLyHs8OD5kEAEUeqiWRvPJ8eK4ky-O-HMugfiCi9P05ZXvg4iUjPE46Jy1Jaq5USkm_1gt4L0S-Udp85WNkvEvit8JkkR4MT1J8uetfgS9AS8cm348Ldq95wZ5AHFJ-mj1GUfczv6oefpda6CLmLybux_GZVbHJ44UmDoF7QV252SCeTFhEhm35ugbrggTed3Rdy7InfPTytZZcX4kzyGdoOy_QvRP6nHpTYJv1moilWl4K8YJDTICdKi4bRo7h96tbOdAcTJJLMcAv6Uul_-wNNOu8MQwCNfMODdNSXYuvGhHonVpUM1az2Sm8jz4NoNXxft3QVWkcTa1ZuULcbeqFgqbEt8YPQSVUpHd8f8IsRC43STurJhzlc&cid=CAQSPADICaaNVkFexjEuKV5Z-eND0WchB1FuPwag38lc9fEwIIVNyp5j8Hj78iEBpsHgAozF3Bfww2ry3cetzhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=15733100555584647000&adk=4188270525&idt=125&cac=0&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 3D8B 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CItqpvxfBISbNDDGDGd9OOq6JK_FIdHm9graDtxSAbxkp_uv7snIVO8LWoPm_OnygDa5yBCv_tV8EvSy7YUmE0lyADbku-CA0KCAYccv0rGBF8sF2KGfSVVfDX1IhcYQNebtW5ujehB8ii0nP89LQCqq5SrZdMHW4uSLAUSjMIHdmcb4w&dbm_d=AKAmf-B_JkMPZR21U5M0jQzuwmQVqsgtxaAsYAV8ZMMw7zFvaxF1eQC5C7No89zldaMR6oJ8LXkvHMZoijz_YvwGHNBCRs7RawqlGwwgasB2Lnzo0BT9bvm3jG_F81V0C6tfHFo39RbE2ILpDkw6qIfKYSbB1zclLQyjIhScsPzsLkY-q-Z9_t3N30zYCGGzfKap-FPhL6osm94EBG38itCJ5SzOh7mEl3IrR9K5vjZ3Fk0jRpziYpT5m7rfUDrpA2W1JJX8f5QehjoATpMpmFxer90yAkLEq_eg2nOfIo7He1dKwVR1Z_p0qtZaY2jYMriKALjHw4B3VDMTSvAbL_Dk6X3RL0j7U6PGpqRUT9NDHAjh118d7lEU58iEtXM501nCa3VUfoxD_8aCaZiSbvUIaoVyDPe899UtzQlQoWbILTM34AIBsxCEadkVjKYD9GJA7bmSgoIGJqjT4nN3P1-tDQtg5YBbtojsY7I2UHcx2x_WM04WNtj0e028WPsvABkI_vHrbkZBUTrHMd_zE5gin2L42JpSI2gY9RJWgaWFRk_RIyrnSDnc0ndSQVB0BrEjzRqPXufDyYh_-7_OYmYLHoLP6JeIynwaQEPh_0OZ9uaDaW_SrNx0kxhzvENq1fxZV8HO6O4lU6zYwgZq0RQh3YRmDwudVhURhYf1-m23_gkhbWnpsYbOhnfH3g2kkXIw2oTCFwmANCoMD0yioD4dZcvI79Rbz6yhUmBbhuAPuJW1qpLSdS_uW71dliGVeRTGFqRbaUnDTQ66bGQq3prFLMBqbcWio70hejjDkBb8XCjeuGZu9hAQjpYJ28tX9HjiiytC4vzF6j5B15z4lr7hKnmT2rNwGLqAwthtenfkA2lAXRh0SEeVea91-_8_l9x3rowJ058J-o0u0qr1GbimH2j4PXB6qRZDUxDNhz-LD9ZsKeuk_3hyyiJhBIyKdGUbOdSAZV1coYmkY067eHS3nt20EzP-aEiqquAQXVG51nCEROnjj0NyBqznIsvc_vGqORDFcn10oR9FdClFxvuPfwKc8YhdGuLmBNZO1qV5ihCaryFKCnIt7tsW3ak5DOeV3fQTmCCyOmg4W70PUfV3iqCV-Azu19gYeASknFTDf6bOHgOPVXU6Jc3IQY4fHp_cY4A89xggE4_sL83mOO-6MQbFXxjADI2MwSWY6YDQRHz-iRNEjbnVr2pyDHkUwRi7sFwC8q1PYdrrZEGHXPOOoXPFiBQlQwZyw3aWZ1cMWp2wqZjYKuTrEYGVoeL33gmL0d6UzBLiO4jhms_DYdtS4ZYSVPOwi9MZN6sZ7cMqWBz90LFcfHqbNtto3Y1NKvp6xY0iJbVsNfuvrmKvnc9RKJgCsnsyOAJkE-1uYUEnlF3cHCkV7YK1c_Z0x8ksgzMRNW16rFlnSo_ppXtiL6ksDXG1sZ8A9XJr_emNIGeOM8gRDDWkxYjHZeYljKl8m9hr5yxCv4VrRoLVoyVnSqCOLFSETPpnhEMPGXnS9ycH-KwTEj4gxu-_LzN-QnBbXHpeopNCUljDeMZSxiS3E2bOwYnaunHtJE6wi5mWh5nnj40Wsfs9tvbbCrdSeoFM9IKME7oOVra6CvKu4NIz8X6G5GFSK0YHOq3kUjhh8dUZNVlrshcndXEEuOfGzn1uUw26Me6gW5B2hZapRzKNQSrqslzb1AIt6OLQ9Z4ZmkqGsp5fbBSPruxWjwq0oFXUzunhT3V8iDTVH-etw_d7D1BawFberF8NwDBwvMe_a2xGU0XNt0AboDhNUL0sF8lO3sa8ed-2G3uQ7lcQXzvC8ee7Etrv7tU9A1XC45X4kQlvHhiVInLdPcgWnYlhyAlHpxzNAgVv4tG3rc-WMIvwCYZa3ZB213qvtp_pT-KZfxSW6Q2Htki8Q3NMA3JsKxZOqeD1GOMvcjA_9kINi1sSjVdGdtXtsgM7hgZlxb6PhseM0_KsRDzDA_5d9oH23sMVItLydz12drikPUC8k5Lx0WVsGli1mZSKuE0OE0rfPH0ckfiIurhF6eT9Z-A-WYQP5okaq2XHTpkWMvBryzyuunK7153yastGUyVs6ESg0JbA0Ixq8Y2032XFqftkotJXInNq8GH02WFEZx_lWrwbfcYM8KT-JeF-jyyVn8o1SU_tuvn241Q5zb1ZlwhZMYmMwhUQRetoZwY8NdPXew9z3h2KI_2ghWmBZqqpaSRpVyZ960u1qmW-2KWF3Fz1-lIMY109suMYRVM_1X15hC_Ket6-47ovCt3kXCwsrHKx6JS8U1JRNBdmRKIseSdjYwsYtPumeRGMx_7Zag48YYdn-fT2AKtd2Z1K7m4SQtd4fFSZpVCPUUauG6gzU78ndh2gHqb8aGxvElFWycodoi_HKHuPGOOwGxHuKo9RZurf9TJ84EvYhA73AM1jGHzIKVVqXu6LShxsBDDHwmZ2OekKz70LkJzgQjwm2kv32bR12ZwMFoGVBKJqQLZtUbgpXn-oBENv2IwxMERqhZjJlMlepbndI1spG2Z46U4vQMZujKDglUTqVSSRFYEVUKnh-HgXFSM8Gih_R86TOFdP44MZh6ei7k_vRLtQ1XIOyEw_2d3G0ilq6LcgEpAjkUCFBLhAwkvsdj2VESh-p3AVfVfCyD2ODZxopoJ-o5QPPXLOo4MuSOWfW2cAR7FbnwMT9eWYJipKPUGzy8d4uTCoZC-HeEYc84zimzV4HsWvSMZiIYk-Ln6n632bJABj_jQSLIBEtUFtF7SLdVYo1JPoiL0xoT9ZdWR8TTK8ExEfIdsropTU25-8otIcLSH9Pg3izY3zozuCk4OWaCroSu7ws0sDid5z2BE-0YXPqFl-lZ_sV3ZG9gDuBvk_2G4LSfdkCcBacpYam6HDh5uXgDMCCU_P0KsfftaJ1QmNR4waEuof2YBMVGjgAYNsJqX-ZFpAApPzQROwcaeM0eRkr7mNqfGC1VW4HgVF0SyQlJSSIdj8O-Fa4yBegv5hwrLjMgL1juq0Vsx1Gb4xvTj8Ve3sG30P-CwWEBTmxVmmrwidHTaJuw98_DscSa9yjnU6ZcrRwkxf5ikPdCsnEcPuBTNVgznzrUUOGIXyotsnauGoFNJKkiF8KfOkiq0n8fkxBRCIHWKbjOHUP0ZF4zWvVSg5JdN6BvDU2TZH98qxqHcfbc59eP8DOUzAmf-mN7jbhvP0eoFNFyORQQ9nARbAO2x22n73g9EuwSoAGIv9RfVMM0KfXsQnnqNL_OJoWvIwBFmbRlzTC1VCT86NuogaQW3PCKKqU5TSlKPBpa-7sTuFol9qako3YpmcjUVZDelISkxAWBmIJLZ7SNqJ3B8gL_XhToe1dYif3sX3jQz_UHRzaeBKhh7wSbWeDmrFtF1sWmqZjcBkk4VDNLhBrcYLp7jRDoUpFWtbby-CktihRIAH5Ai-iaeJVCbU_NWkMSZJeENg8MQeK-0pRNcaqQsbD2BO0DP6S1T7dveG90hrPiNOuPwhCDHwoSEtkOsZweeSMfbGWM5UDTHPyyux3HlYqlPQtKkRPCUSWRhMKJ_LWaldk-kWKiOjDYlmBrKyvdfuR9vLhKPmjUX_jshlnY449-FolRrneD8cMu5jjH0EclmECzLznBe9pJhhqtNCZEXlGObKPsiPIfA48V0KoIGjvkNv98jSG8UjjSzKGPT8X3eSLjkIb_gObz-Vyg8eXf7_fP9vRUtnIuABdh5qF7ZrxtlJ7AE800BsliiPfWVCcjGvf1KEpnXm0qlcuRpghbAHM1DaCeaHdnGdvsqraEV-NqnaVhpx5xf89mcKKPXwzJvcrAr8fw1xsnNu-niRSXgcK0a5mPnjLyHs8OD5kEAEUeqiWRvPJ8eK4ky-O-HMugfiCi9P05ZXvg4iUjPE46Jy1Jaq5USkm_1gt4L0S-Udp85WNkvEvit8JkkR4MT1J8uetfgS9AS8cm348Ldq95wZ5AHFJ-mj1GUfczv6oefpda6CLmLybux_GZVbHJ44UmDoF7QV252SCeTFhEhm35ugbrggTed3Rdy7InfPTytZZcX4kzyGdoOy_QvRP6nHpTYJv1moilWl4K8YJDTICdKi4bRo7h96tbOdAcTJJLMcAv6Uul_-wNNOu8MQwCNfMODdNSXYuvGhHonVpUM1az2Sm8jz4NoNXxft3QVWkcTa1ZuULcbeqFgqbEt8YPQSVUpHd8f8IsRC43STurJhzlc&cid=CAQSPADICaaNVkFexjEuKV5Z-eND0WchB1FuPwag38lc9fEwIIVNyp5j8Hj78iEBpsHgAozF3Bfww2ry3cetzhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=15733100555584647000&adk=4188270525&idt=125&cac=0&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
27136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3D8B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
106254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
28joMHqVdBZnXzI8oWROQLvyHQ6TUEUVOfchlrz%2FzqLmTmbsVkiJRr%2FrhuMWYjpexbjAM58W%2FigzDXRl5ncCvyivPqySwMm%2FF9jXbpa2jwWGHcbT%2B93NFPDR%2B0lOl5Rm122f45%2BqMyNSWauLaPqR2JUEXTIZ5OdCxYNGlkXcRb0xXALft6vPRGU...
ad.vidverto.io/delivery/video/pod/ Frame 604E 		54 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/28joMHqVdBZnXzI8oWROQLvyHQ6TUEUVOfchlrz%2FzqLmTmbsVkiJRr%2FrhuMWYjpexbjAM58W%2FigzDXRl5ncCvyivPqySwMm%2FF9jXbpa2jwWGHcbT%2B93NFPDR%2B0lOl5Rm122f45%2BqMyNSWauLaPqR2JUEXTIZ5OdCxYNGlkXcRb0xXALft6vPRGUYOksUWSSB1YuUqurK7VLCgm13%2BBFoO6iqZ5Ib8R%2BSELBv8MhQt7W28g%2FfGC%2FnzpJkvCHCrHM%2FGqWgnU2x7XR9toJb8oeKCSrq8m8%2FiYrVraJirLMp%2FQN1TJGOU052V396wfH1ssniX3F%2FLOyqyUgOxOd2vsOCWOTYWjs3gurOn43r%2BDtN3MRBp%2Fay8FpyMGOuHesOtGz2XORCz3xaSTrY%2B55NHP5MDkv2N1MqnVBmEsTq1n%2Fy9ZV1pHGmC%2BKsz5Obl5HxVmfjJI0b%2B7wCSw%2BDzrSGD5n93Z5FPCsczbSEgMZHQLfEveTMpLGyklIAZMW7PQg8%2B2Vqjl%2BTQE8R8FcX%2BGAcSUlsPaTytiJtoNqA6z07Wd65IrHMdoOr8uKM8jw0QWaz2ksuRrZGbZ6lugSc7%2B0NapBNq2MPv56fjGlq33oSTVcX53j%2B2%2FojkWWVWYhBbNbxI8i%2BfxR8U171MSa3ZG9a6xvK3F%2BOmZOfiPOo%2FC9MI6xBwccG1UQjNTZvTCGzff96GrV7lv1Fn7PmHVdA9s96f1zk7oW7%2BqV%2BtExxkI%2F2QBAMtr8Y%2B26T5w9L9tJjbr5kJ3iLmbWM%2BKLIdfiupAl7xerl8gjoBZ3RyCDREAQR9pkJmCF6cyqlwivbI5kncoMiLWgm0wWILvY0TRYcFaMdYbXW84fKdb1XKjNIpTxkI9JbGtA%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f58b1853152b9ac59e6640fab71b64a264d25064f2f10b9cb2ebfee39cd9c4db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Sat, 18 Nov 2023 23:36:02 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame E0AF 		25 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c03fe70fc87cf15f2f3fb55bff2290d161f628433b49bbf99fe62381cb8fd6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12221
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:03 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7925 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Origin
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 7925 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-lep4q7Kh26F32Vlr6wPiVaak37T_oBdmJdSj3dbv-bUMli9GP1HyYfgW7ORcS2lfKVD4k9MPoNZHAb-mE_mkGnxsKeu5ANu1jYITE55AgMH30DYBBTfTd3sW7X6esHSJX3p_EvokheJNT04K2In52iZabC0FQCm9uno5WfDilfLPLMA&dbm_d=AKAmf-D007G1HBdz6ud43ON3MfY1zAc093SKPMiSvi7RlXnEVWfwrlL3Jh730IytV26I4l2V-ABSuSYvQrlbeNtFM1hB5SpY5OvUrQl7QiRuPOEErW2cwr4abCZmI6dD9OwtC4ohHYHX39AR_tFgRX5nhNczsM_v8pttZePbdr9kWWDPoKEsDLwqcJ_eA_gO820sDEY7CiCrsF8sbUiH8EQTHxNiC4KsqrjmowIQnYynurJrnOVgp84Fxh_TWTGpVCWEBnJGOQG_LqESaPKddnmOebFhvROvQEWbRKNE-lQ9vT7-E9mXFCXtR8_9ROG7eUrhHPHVvGkK9Vmp9AKp9RbyIOVuBgOpRlvC_zc7X-c4tFC9i2qi2bTvA-LCwZhX8oNMr6eA9lfHuwGt2osYq1Q6sInsM3meXENOHWc5wRXyYtxqDbM9-OxLfIw-dEdoN-merQsPk0cXXjcR7L6VKOMdwP5XGzFKyDeJy4hlttz1EJnXaHZbPfirFkFNOfgJij5FX6iJlQNJJR4UT5LviQOIR1puucRx7tF9Qfgi8KvjppD2PdmXwdzanS_EdEOSUpN79Uv6bbatC3asRyzy7m5SMvKmr8bQMDIVBTOys2WJ0rUZ7IQFZUwGa6EXSnh75RHS5AXMHuS3ALs30qBG3vB9c2kA85VijBa3SI-mhDI8Zjw9PYWBDKLdMEP-R3OQ9f14SWjzggJQcXOPGL68ciOSaE8aLOqT4bW8cNhJCPFcoQv6ige-Dv-ww9ZZaR_5fU_9Pk9vvhjdI7vWbGqK0KljbfOPEDLIHSpcLswaGhUlWy5QvsOcBUjbSTMkCyg0yJ1UGEP5pAcXjD7VrkEJnvSF75Op_AudyHLnFt5pphyvSnfYQ1g4ybuEDSfgUkRw0tZQGqEkfaMRg3HD3hb7XOyPRHW4-wSqyh7ClQP-k3jC37LTOqcS0EEvZPWuWeEJgYKCmZajZx3LOs9Pizt3LCn79p3t45AEG7--p3Gc8zr_AiFfQ8Zk7BZndJpc-nTjJCT-WfPjjEc5IrQfDwDOkD9xvqjMEZYr59qmvBcmNIoPR-wOZZhATvqnaYAf9_B1_gazrAfBH-ecp8AcMy1otUDBYFDARYsBoH1rBC9TkD5Y5xXMAt7nvVRxUvgHVOjTXM15nBJtpEeDHJaKhqmZqoNQkFjMQVRbRtWDG6aVO49xfmXE0g6KZLbzNWh-rw1ac1VItFiFbRDj3-bs84qiD-gwdLCoKRVpr0QtqhZZd9rmn7y9q-ERZ8YKA6X6mywGdO57XcilRqU1Qrqi3VEbUCNmo3tXjt3u7WfqcgFBNEG21iymSeBerwpjQAbdUN7zTMAcH8oAp2EGb8VKdBjKMMrHKEG5G7qr_wlV6kKhzg7qq-ZgceNRuj9YBgryzP5s698vJz5L89v2r2gnkK2ti1XVX5wUSaOoQ6aYgqgVrOsD7X-oMZEKDfpn6eb8IYnoaNmLkKEiVNkFx-dReDTdRppFs7D1jYqn8Pm11Cvsx9sfhD8FfV-l5Mh153XNdFulcEA_NoSJlcxJGJyP6Cfq3kJ7FMJU6_y1KjoXU70aVSkF4xTw-WOhdRcSK_5WGGH1IEF-EukqSimNY2c1uB20hvClJEtezgzGYK7-0fezHRDG-xZ8dUWYWcEEPwpdbHZWgpMJdYo7OccZhVfHdo354RvkAlLFjhUoryrjcu2xuZySwafnJt96m-AssP_5kj8py9lXtHU_OXBktYrUS7rHX-lk8hc6iNude3qXsitsy4Z1kSws5ppjRfcpudP3IXj9QtqCQ3PyPhOA62OHFGu_NjHYKXnyEQCeXcozg1WCpAg7NOmF3-IlUM78b1jey0SqpihZ-mEt6tBMDCPcimAeskpq0-8TbhBdOaWhSBNmVSMu1Pvysx7mhDZZmXFFpbVFoz9Tk9mNruhnaCXbf1YHH3qcCSzlcOMKKdMckhYSEz8_RRDx9vKI6LeWk5phwaGKdTonqGX9YOYmtaYf6r3hm1CnMIwVoZL8oqeujh67oWaWrObBwtNii1_R98n_S1vJ048FTc1xE2NA4p_WfD-bwMOyrz278DhUwvqKredO0oO0RpHIoGZ-MklpiNFYAqlfM28Usu5uTXxuocTvH0s1nKv964Ucg5XBbvL8M7oJit_uTHpRKLZ4hhtD2OYaEtEOQjM7LtooPpGm9wI_LwZbHqYeE6X9s3qU0UIB_IzPRtUtjo14nNx3yDk6RTV5q_TJVOM9fHB1tFXIvhdYuUM9p_qc-FxaNHg9qAZm0HQnKwASPKCADjMOGRMHbCIbzATpbDvhXEYbS0WiHTfC__NbPI9FuUy3ji3pVIfpGQNEgKMn_7hfhKK-y3DnARiG8-43OEXKv1uvrLaknI2r4H4psM8jmRyk6hQoVxa-RWks3Z84DFmbfmpRI72pP7uLOzQxMxWvi7gaqY-vgoP1Cg3GHhs53OpFO5SSMbblUD_XWEZXzaYBwU8XTVwv7kuGHJCs4ijezbsg4zka-nqf6LuBv9zY0PAvLgrBm3fCjaGQmIzCdXYDqTYxCvV0mOkqVz4X07buWLYEtU77eBTd3uqWFUaWgBBwMtZWZLKT31VZLSK-BURFU2dcy2oidyn6hgho4fr6lMMZzsYdBvKKev9eMxiq_kAI_HOj6etv74NMxdK5kwuEtYxO79836lPfgE2NfDAiSASDu4lQlBpVqq70GbndMh4gQ3M_QROneVW9Cxs5PSi_RQEo0lR4KzxIhr_RHLuIy8S08AnDi7jI875eEf7F0iNkS4PmA77rJVBZXHMPJ6sraOdVVviE5DLs7tx9BzYEqHwfoOkKMUftkZzqnFhoyoQdDlcLV68vFhgTTKrgSnJS2sJ63tloT7yG40eu0PogBw3g6JihTtJ31y5D2_pdg6kxGA7LTakSB0Ke-plLTCjwJOXRLCirWsXeZpczZqbiSRroJEFXOR13EgxkjOXUbt7e4K2khIy-6UoLho_dXyIK5XogbuvdrmN_msLpMnpjetc56jGKUhxTYnjzhrBYlYCTexjjaEZOT8ZEakxx6ius-RpAiDf7k04HYr02ODXKYQX2AkS2ufV_wx2hP7qRWDnG6p2AKS0ELejnAXTyU-kEyh9_VZW1qio46UWXiALlwIVdDvt7VO0cTVCXb4eAcaZ1m1ocb5gCI0XD--VnF-52lKfMkkkfJqEfvmj4nrRRQlBzoVfDR8xQaK5-5LmAZyw1J9xwWM-05RUNj4H_SeyfcnI9LuOzt-IPSdJSutfozRVTote3J4sQRkdS33bEwQNO9UHy3y6PzJIfaU4oyxJwkg6bgVgjz5-vYlaUdInCwl2RhVGFLxIl-pEBiytFslCxpQDcafVtZrVjv7oUuiWiqQDt55JMPx41pZnrkUHXbh3ZXUPmuAGKPTwKFbosQEhKdWPFPIVzHTkGO-TQ6UqKUKzmQKPbxLt7Rm7SO_yuBzrWV_VObYjg6FYi_A8pxOeHNTBG4rn9SLrujjia8jclytCEDUXtWpAaVUaUhW-9bIc7vMqHFJ4XFx5NZFBeXb2jEPh-_Ypwltaz3docPkzQ5_20gGApqzaXDNCaxjrhG4Jw1CEiYHsRs1YT7NcVQYe6WvH8ceQ27zIVOWTSg28clJ7UNexpDKOF7lJ6xiR7_rEJmPM5MhKa7pqnf8qRrqV4pG4Hkujf3lIFJW0KHWFcHYC5jqX55Aeko4APS5FeTZJHCaRClehGSg_0yoTMGttM_BIPhk1doPdFclL0x3CeW_Gp269k3lRTmtVT5832xkaJ689aYx6y3k49jzgHrTzzkkjaTuCSA17d7K3Qqva51Fzx3pXD6ATFP7jdhVn_J69oA6YbYCBMFBcFWwZjw7qVc11KBc61RZ0Bb2Mavhj342yh1AP8kMF0F8LU9t_bHlQuohmBAqN5NfAhzXj_khi_2mGTPjc5v7bxx1WD-adD2F8KAZ1vLydtm4XLy431oVQL3icleW7rSml7D1dbmOD-E9qlUxSIMK6RniHudbHD_INJUSSDcB4Tauh-D7dv1dwhYiO67goNFoHdoLLype7Lv4iMKvkJh9gUuKPX5WuhWh5qNg0Pw4AHQJzHbI1kHQEBaVKJBrADHITUou-ZIQCbSbpY_fJaAjwBDcXZtyTAgZZfiTNPx_XS-y8mmuIcLWPyEy751zdMTqBR9-8mcYbWYmV6hPiOLTD_iMrSttlf9IHEvJ8&cid=CAQSPADICaaN-6MKffT_vgoEMfcomn7OikPwJLC7gA2VP5wlmL1VlTVGy-MSE0d5ACo_yNMLJqM1V-XDMJrWcxgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8012077641137758000&adk=1033480531&idt=110&cac=0&dtd=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 7925 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-lep4q7Kh26F32Vlr6wPiVaak37T_oBdmJdSj3dbv-bUMli9GP1HyYfgW7ORcS2lfKVD4k9MPoNZHAb-mE_mkGnxsKeu5ANu1jYITE55AgMH30DYBBTfTd3sW7X6esHSJX3p_EvokheJNT04K2In52iZabC0FQCm9uno5WfDilfLPLMA&dbm_d=AKAmf-D007G1HBdz6ud43ON3MfY1zAc093SKPMiSvi7RlXnEVWfwrlL3Jh730IytV26I4l2V-ABSuSYvQrlbeNtFM1hB5SpY5OvUrQl7QiRuPOEErW2cwr4abCZmI6dD9OwtC4ohHYHX39AR_tFgRX5nhNczsM_v8pttZePbdr9kWWDPoKEsDLwqcJ_eA_gO820sDEY7CiCrsF8sbUiH8EQTHxNiC4KsqrjmowIQnYynurJrnOVgp84Fxh_TWTGpVCWEBnJGOQG_LqESaPKddnmOebFhvROvQEWbRKNE-lQ9vT7-E9mXFCXtR8_9ROG7eUrhHPHVvGkK9Vmp9AKp9RbyIOVuBgOpRlvC_zc7X-c4tFC9i2qi2bTvA-LCwZhX8oNMr6eA9lfHuwGt2osYq1Q6sInsM3meXENOHWc5wRXyYtxqDbM9-OxLfIw-dEdoN-merQsPk0cXXjcR7L6VKOMdwP5XGzFKyDeJy4hlttz1EJnXaHZbPfirFkFNOfgJij5FX6iJlQNJJR4UT5LviQOIR1puucRx7tF9Qfgi8KvjppD2PdmXwdzanS_EdEOSUpN79Uv6bbatC3asRyzy7m5SMvKmr8bQMDIVBTOys2WJ0rUZ7IQFZUwGa6EXSnh75RHS5AXMHuS3ALs30qBG3vB9c2kA85VijBa3SI-mhDI8Zjw9PYWBDKLdMEP-R3OQ9f14SWjzggJQcXOPGL68ciOSaE8aLOqT4bW8cNhJCPFcoQv6ige-Dv-ww9ZZaR_5fU_9Pk9vvhjdI7vWbGqK0KljbfOPEDLIHSpcLswaGhUlWy5QvsOcBUjbSTMkCyg0yJ1UGEP5pAcXjD7VrkEJnvSF75Op_AudyHLnFt5pphyvSnfYQ1g4ybuEDSfgUkRw0tZQGqEkfaMRg3HD3hb7XOyPRHW4-wSqyh7ClQP-k3jC37LTOqcS0EEvZPWuWeEJgYKCmZajZx3LOs9Pizt3LCn79p3t45AEG7--p3Gc8zr_AiFfQ8Zk7BZndJpc-nTjJCT-WfPjjEc5IrQfDwDOkD9xvqjMEZYr59qmvBcmNIoPR-wOZZhATvqnaYAf9_B1_gazrAfBH-ecp8AcMy1otUDBYFDARYsBoH1rBC9TkD5Y5xXMAt7nvVRxUvgHVOjTXM15nBJtpEeDHJaKhqmZqoNQkFjMQVRbRtWDG6aVO49xfmXE0g6KZLbzNWh-rw1ac1VItFiFbRDj3-bs84qiD-gwdLCoKRVpr0QtqhZZd9rmn7y9q-ERZ8YKA6X6mywGdO57XcilRqU1Qrqi3VEbUCNmo3tXjt3u7WfqcgFBNEG21iymSeBerwpjQAbdUN7zTMAcH8oAp2EGb8VKdBjKMMrHKEG5G7qr_wlV6kKhzg7qq-ZgceNRuj9YBgryzP5s698vJz5L89v2r2gnkK2ti1XVX5wUSaOoQ6aYgqgVrOsD7X-oMZEKDfpn6eb8IYnoaNmLkKEiVNkFx-dReDTdRppFs7D1jYqn8Pm11Cvsx9sfhD8FfV-l5Mh153XNdFulcEA_NoSJlcxJGJyP6Cfq3kJ7FMJU6_y1KjoXU70aVSkF4xTw-WOhdRcSK_5WGGH1IEF-EukqSimNY2c1uB20hvClJEtezgzGYK7-0fezHRDG-xZ8dUWYWcEEPwpdbHZWgpMJdYo7OccZhVfHdo354RvkAlLFjhUoryrjcu2xuZySwafnJt96m-AssP_5kj8py9lXtHU_OXBktYrUS7rHX-lk8hc6iNude3qXsitsy4Z1kSws5ppjRfcpudP3IXj9QtqCQ3PyPhOA62OHFGu_NjHYKXnyEQCeXcozg1WCpAg7NOmF3-IlUM78b1jey0SqpihZ-mEt6tBMDCPcimAeskpq0-8TbhBdOaWhSBNmVSMu1Pvysx7mhDZZmXFFpbVFoz9Tk9mNruhnaCXbf1YHH3qcCSzlcOMKKdMckhYSEz8_RRDx9vKI6LeWk5phwaGKdTonqGX9YOYmtaYf6r3hm1CnMIwVoZL8oqeujh67oWaWrObBwtNii1_R98n_S1vJ048FTc1xE2NA4p_WfD-bwMOyrz278DhUwvqKredO0oO0RpHIoGZ-MklpiNFYAqlfM28Usu5uTXxuocTvH0s1nKv964Ucg5XBbvL8M7oJit_uTHpRKLZ4hhtD2OYaEtEOQjM7LtooPpGm9wI_LwZbHqYeE6X9s3qU0UIB_IzPRtUtjo14nNx3yDk6RTV5q_TJVOM9fHB1tFXIvhdYuUM9p_qc-FxaNHg9qAZm0HQnKwASPKCADjMOGRMHbCIbzATpbDvhXEYbS0WiHTfC__NbPI9FuUy3ji3pVIfpGQNEgKMn_7hfhKK-y3DnARiG8-43OEXKv1uvrLaknI2r4H4psM8jmRyk6hQoVxa-RWks3Z84DFmbfmpRI72pP7uLOzQxMxWvi7gaqY-vgoP1Cg3GHhs53OpFO5SSMbblUD_XWEZXzaYBwU8XTVwv7kuGHJCs4ijezbsg4zka-nqf6LuBv9zY0PAvLgrBm3fCjaGQmIzCdXYDqTYxCvV0mOkqVz4X07buWLYEtU77eBTd3uqWFUaWgBBwMtZWZLKT31VZLSK-BURFU2dcy2oidyn6hgho4fr6lMMZzsYdBvKKev9eMxiq_kAI_HOj6etv74NMxdK5kwuEtYxO79836lPfgE2NfDAiSASDu4lQlBpVqq70GbndMh4gQ3M_QROneVW9Cxs5PSi_RQEo0lR4KzxIhr_RHLuIy8S08AnDi7jI875eEf7F0iNkS4PmA77rJVBZXHMPJ6sraOdVVviE5DLs7tx9BzYEqHwfoOkKMUftkZzqnFhoyoQdDlcLV68vFhgTTKrgSnJS2sJ63tloT7yG40eu0PogBw3g6JihTtJ31y5D2_pdg6kxGA7LTakSB0Ke-plLTCjwJOXRLCirWsXeZpczZqbiSRroJEFXOR13EgxkjOXUbt7e4K2khIy-6UoLho_dXyIK5XogbuvdrmN_msLpMnpjetc56jGKUhxTYnjzhrBYlYCTexjjaEZOT8ZEakxx6ius-RpAiDf7k04HYr02ODXKYQX2AkS2ufV_wx2hP7qRWDnG6p2AKS0ELejnAXTyU-kEyh9_VZW1qio46UWXiALlwIVdDvt7VO0cTVCXb4eAcaZ1m1ocb5gCI0XD--VnF-52lKfMkkkfJqEfvmj4nrRRQlBzoVfDR8xQaK5-5LmAZyw1J9xwWM-05RUNj4H_SeyfcnI9LuOzt-IPSdJSutfozRVTote3J4sQRkdS33bEwQNO9UHy3y6PzJIfaU4oyxJwkg6bgVgjz5-vYlaUdInCwl2RhVGFLxIl-pEBiytFslCxpQDcafVtZrVjv7oUuiWiqQDt55JMPx41pZnrkUHXbh3ZXUPmuAGKPTwKFbosQEhKdWPFPIVzHTkGO-TQ6UqKUKzmQKPbxLt7Rm7SO_yuBzrWV_VObYjg6FYi_A8pxOeHNTBG4rn9SLrujjia8jclytCEDUXtWpAaVUaUhW-9bIc7vMqHFJ4XFx5NZFBeXb2jEPh-_Ypwltaz3docPkzQ5_20gGApqzaXDNCaxjrhG4Jw1CEiYHsRs1YT7NcVQYe6WvH8ceQ27zIVOWTSg28clJ7UNexpDKOF7lJ6xiR7_rEJmPM5MhKa7pqnf8qRrqV4pG4Hkujf3lIFJW0KHWFcHYC5jqX55Aeko4APS5FeTZJHCaRClehGSg_0yoTMGttM_BIPhk1doPdFclL0x3CeW_Gp269k3lRTmtVT5832xkaJ689aYx6y3k49jzgHrTzzkkjaTuCSA17d7K3Qqva51Fzx3pXD6ATFP7jdhVn_J69oA6YbYCBMFBcFWwZjw7qVc11KBc61RZ0Bb2Mavhj342yh1AP8kMF0F8LU9t_bHlQuohmBAqN5NfAhzXj_khi_2mGTPjc5v7bxx1WD-adD2F8KAZ1vLydtm4XLy431oVQL3icleW7rSml7D1dbmOD-E9qlUxSIMK6RniHudbHD_INJUSSDcB4Tauh-D7dv1dwhYiO67goNFoHdoLLype7Lv4iMKvkJh9gUuKPX5WuhWh5qNg0Pw4AHQJzHbI1kHQEBaVKJBrADHITUou-ZIQCbSbpY_fJaAjwBDcXZtyTAgZZfiTNPx_XS-y8mmuIcLWPyEy751zdMTqBR9-8mcYbWYmV6hPiOLTD_iMrSttlf9IHEvJ8&cid=CAQSPADICaaN-6MKffT_vgoEMfcomn7OikPwJLC7gA2VP5wlmL1VlTVGy-MSE0d5ACo_yNMLJqM1V-XDMJrWcxgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=8012077641137758000&adk=1033480531&idt=110&cac=0&dtd=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
27136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7925 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
106254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 2DC0 		565 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 18:04:46 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
T262GGGJRJGC5ZKW
age
3475877
x-amz-server-side-encryption
AES256
content-length
565
x-amz-id-2
knoCgh7WQx1mcte7RuH6YDfhMAdqDUpa4yjgTyBp6Ym2RXSTH110M0yMPkExhvGN+9pLYBNsLvA=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
cache-control
max-age=15552000, public
accept-ranges
bytes
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0E85 		1 KB
681 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
7149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 19 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3D8B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95323ba460c20c10cbd662b20b56599b925eb78b9f86292d2c4dbe431372bc1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9E72 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
7149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 19 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7925 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d533d84fa364da836b2c2f13dce321389070c14c9f9d3322576e1a3681a0cf7d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
480_650.mp4
cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/ 		232 KB
232 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Sat, 18 Nov 2023 23:36:03 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E609 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
44190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 11:19:32 GMT
expires
Sun, 17 Nov 2024 11:19:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 49FE 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
6b1e27df7bca6e6c472adfb351afbc16a7b5875fbf91d73ac74a2aba21436df8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TZDHfWS4Vl6HadwqQScnVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TZDHfWS4Vl6HadwqQScnVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:02 GMT
expires
Sat, 18 Nov 2023 23:36:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 6BD5 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
47296
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/control/ Frame C7C3 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 19 Nov 2023 00:35:14 GMT
csi
csi.gstatic.com/ Frame 604E 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp4otmog&c=3201706815534&slotId=1600853407767&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DyDxDf2bSF-iTNCTDGKzRg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DyDxDf2bSF-iTNCTDGKzRg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DyDxDf2bSF-iTNCTDGKzRg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KH8VRB328JG72FR2Y618
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DyDxDf2bSF-iTNCTDGKzRg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 39E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECty2u0JtOhcTgDxZ3A9sjM&google_cver=1
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECty2u0JtOhcTgDxZ3A9sjM&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECty2u0JtOhcTgDxZ3A9sjM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTE0OWEwMmZmMTVjY2I3MGI3YzRkYjBkZDkwOGEyNmZhNGQ0ZWE3Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTE0OWEwMmZmMTVjY2I3MGI3YzRkYjBkZDkwOGEyNmZhNGQ0ZWE3Zg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTE0OWEwMmZmMTVjY2I3MGI3YzRkYjBkZDkwOGEyNmZhNGQ0ZWE3Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 39E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP4OTLUF-G-2PUA
0
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP4OTLUF-G-2PUA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BEEEB0F9910B45538A66F6037D84673F Ref B: GVA30EDGE0115 Ref C: 2023-11-18T23:36:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKdbdWLA20kaQEyHAFYA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP4OTLUF-G-2PUA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 39E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA0T1RMVUYtRy0yUFVB
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOwRQGLbovWMvvS6HDXrg4c&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP4OTLUF-G-2PUA&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP4OTLUF-G-2PUA&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GP31PG0PF1YBKM5HBXJD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP4OTLUF-G-2PUA&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 39E1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=S6FAUVpgS4SIBc9VZfq4NA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S6FAUVpgS4SIBc9VZfq4NA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S6FAUVpgS4SIBc9VZfq4NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
72FDDJE3S7V2NBEJ6HWC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=S6FAUVpgS4SIBc9VZfq4NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 39E1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
token
token.rubiconproject.com/ Frame 39E1 		0
0
tap.php
pixel.rubiconproject.com/ Frame 39E1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAILm07KspUAABPKNXVjKQ&expires=30
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAILm07KspUAABPKNXVjKQ&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAILm07KspUAABPKNXVjKQ&expires=30
Date
Sat, 18 Nov 2023 23:36:03 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame 39E1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LP4OTLUF-G-2PUA&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LP4OTLUF-G-2PUA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LP4OTLUF-G-2PUA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8284088df94f01f8-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 18 Nov 2023 23:36:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP4OTLUF-G-2PUA&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8284088cdf6501f8-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
magnite
prebid.a-mo.net/setuid/ Frame 39E1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LP4OTLUF-G-2PUA
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LP4OTLUF-G-2PUA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LP4OTLUF-G-2PUA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 39E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP4OTLUF-G-2PUA
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP4OTLUF-G-2PUA
95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP4OTLUF-G-2PUA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 18 Nov 2023 23:36:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP4OTLUF-G-2PUA
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
liveCS.php
live.primis.tech/live/ Frame 39E1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP4OTLUF-G-2PUA
0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP4OTLUF-G-2PUA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-104.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jDv7EuT3Cw3Qskj_FTMWc2KGXTZTqByybkMbthJZwHecCN-V7AWneg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP4OTLUF-G-2PUA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
cksync
hb.yahoo.net/ Frame 39E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP4OTLUF-G-2PUA&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP4OTLUF-G-2PUA&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1YZGFJSGc1RTJ1RURUNXBsYldIM0hCRlZQR2xSc2RTYn5B&ovsid=LP4OTLUF-G-2PUA&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1YZGFJSGc1RTJ1RURUNXBsYldIM0hCRlZQR2xSc2RTYn5B&ovsid=LP4OTLUF-G-2PUA&dpid=58160
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
23.32.238.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-162.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 18 Nov 2023 23:36:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Sat, 18 Nov 2023 23:36:04 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1YZGFJSGc1RTJ1RURUNXBsYldIM0hCRlZQR2xSc2RTYn5B&ovsid=LP4OTLUF-G-2PUA&dpid=58160
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 39E1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP4OTLUF-G-2PUA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP4OTLUF-G-2PUA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
an-x-request-uuid
fb291872-2dca-4fd3-abc9-dd3855f35a64
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP4OTLUF-G-2PUA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
27c63988-a5f0-44df-b25a-c9dbc3f89426.html
s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/ Frame 8926 		98 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
dbd25ac4aa255b6b7c0c99b95f9a74d1eddd4168f29eb6ea15db37f6554a1717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
7689
cache-control
max-age=15552000, public
content-encoding
gzip
content-type
text/html
date
Sat, 18 Nov 2023 21:27:54 GMT
etag
"c46a76dbeb5c23abef7bb306b38ea299-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified
Fri, 13 Oct 2023 15:44:46 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
vary
Origin, Accept-Encoding
x-amz-id-2
3wJe7IQ5ssosO5niTQJ2uJYBNZDLue2tjCE0sqTacEYh0PdiI1+ORruo9+W+7Du/wRXS9E952/w=
x-amz-request-id
JPBKGWRV6RH0TCMS
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame 0784 		2 KB
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee72a29b6ecc42393e0de2afc626e13bd29dc5cffc0362e9885c88abf38466c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82840889583b0219-ZRH
content-encoding
br
content-type
text/html
date
Sat, 18 Nov 2023 23:36:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dol43cMNINWKtpkoARKMsxZoauytdw0R9bLLS9WjED7p%2FZE30US57rqzYAR44RkEc4pa9PGOPrdxPfXXFEjzA760MsPkNKY4vaAJHS2JyCO998Jgi%2Fvxj3swz8JGz9xBT07uqC3ZNWVf6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6937 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
9377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
adx3.adform.net/adx/ Frame 604E 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 604E 		156 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4145584725772035&ppid=6be710a2-42ae-4c4e-adf4-c4aad8cc457c&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=18A4F441-67D8-4BE6-B11B-F160617A95D3&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350562776&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=1900059365427766&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 604E 		84 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4145584725772035&cust_params=mt_fln%3D1.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=18A4F441-67D8-4BE6-B11B-F160617A95D3&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350562779&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=1900059365427766&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
02f9345fdc8ec3b27d2713172fa51714b4fe9505459f578ea0825589bbbd0835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16291
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 604E 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4145584725772035&ppid=6be710a2-42ae-4c4e-adf4-c4aad8cc457c&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=18A4F441-67D8-4BE6-B11B-F160617A95D3&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350562781&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=1900059365427766&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 604E 		156 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4145584725772035&cust_params=mt_fln%3D1.3&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=18A4F441-67D8-4BE6-B11B-F160617A95D3&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350562783&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=1900059365427766&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 604E 		156 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4145584725772035&ppid=6be710a2-42ae-4c4e-adf4-c4aad8cc457c&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=18A4F441-67D8-4BE6-B11B-F160617A95D3&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350562785&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=1900059365427766&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 604E 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4145584725772035&cust_params=mt_fln%3D0.8&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=18A4F441-67D8-4BE6-B11B-F160617A95D3&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350562786&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=1900059365427766&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 604E 		156 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4145584725772035&cust_params=target%3D0.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=18A4F441-67D8-4BE6-B11B-F160617A95D3&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350562788&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=1900059365427766&ged=ve4_td4_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 97E6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
9377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0E85
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELA1seJ_SmQJWEIAWfla1Q8&google_cver=1&google_push=AXcoOmS4_MqH6Xim1Beqz9casr9B1Jcnn1OWLRDTmbmzhDMygj1y1izHerzfpao3cIPlNOiDo4ze5rDXZe-TQTOV7qPNuFiR5C7L-w
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E8792D6D8EDA461797697F729A7C99E1&google_push=AXcoOmS4_MqH6Xim1Beqz9casr9B1Jcnn1OWLRDTmbmzhDMygj1y1izHerzfpao3cIPlNOiDo4ze5rDXZe-TQTO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E8792D6D8EDA461797697F729A7C99E1&google_push=AXcoOmS4_MqH6Xim1Beqz9casr9B1Jcnn1OWLRDTmbmzhDMygj1y1izHerzfpao3cIPlNOiDo4ze5rDXZe-TQTOV7qPNuFiR5C7L-w
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 23:36:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E8792D6D8EDA461797697F729A7C99E1&google_push=AXcoOmS4_MqH6Xim1Beqz9casr9B1Jcnn1OWLRDTmbmzhDMygj1y1izHerzfpao3cIPlNOiDo4ze5rDXZe-TQTOV7qPNuFiR5C7L-w
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 23:36:03 GMT
pixel
cm.g.doubleclick.net/ Frame 0E85
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBZIljeOLRHVX0kP1qvhqE8&google_cver=1&google_push=AXcoOmQ3pwcp5lmkXl33fAw8pn-zlbAG-r0qnw_pGsZAxXYwWFIo7vCUn7HU8-64bSAOsTJX9wxjtgsfbrMSn9...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzcyNDY5OA%3D%3D&google_push=AXcoOmQ3pwcp5lmkXl33fAw8pn-zlbAG-r0qnw_pGsZAxXYwWFIo7vCUn7HU8-64bSAOsTJX9wxjtgsfbrMSn9pfkO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzcyNDY5OA%3D%3D&google_push=AXcoOmQ3pwcp5lmkXl33fAw8pn-zlbAG-r0qnw_pGsZAxXYwWFIo7vCUn7HU8-64bSAOsTJX9wxjtgsfbrMSn9pfkOM0_WUNWQxThw
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzcyNDY5OA%3D%3D&google_push=AXcoOmQ3pwcp5lmkXl33fAw8pn-zlbAG-r0qnw_pGsZAxXYwWFIo7vCUn7HU8-64bSAOsTJX9wxjtgsfbrMSn9pfkOM0_WUNWQxThw
Date
Sat, 18 Nov 2023 23:36:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 0E85
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEC4ZwIXTFjhMabyRU-GUsv8&google_cver=1&google_push=AXcoOmQ8Wv8eMpEHZaF8xl-ek24e8Lw8Kth-D_EOfEUe3EZAWzJIklfZRi35ccagA8KHB_fvhsd1lNx87I6pf_dDdEn0epFrrAXa
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0E85
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7BB0Hmj...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7B...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4NTk0MTUxODA3MzA5NjkzMQ&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7BB0H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4NTk0MTUxODA3MzA5NjkzMQ&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7BB0HmjCUIsFRhRIEXA38nZnzJSxA
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA4NTk0MTUxODA3MzA5NjkzMQ&google_push=AXcoOmRBUD4BWJ984rClhIRcYDRc-rlDxFbmC9vXZQvd7X86YhWF7lcWuoHQZDWNMwHX8UU0I7BB0HmjCUIsFRhRIEXA38nZnzJSxA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0E85
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGBoHqT8dJIDhT6yqpOoC_Q&google_cver=1&google_push=AXcoOmS41dnRdKx_dN9pywr-zOBMIxvTrFYpV5-cxy5jEltrg6808b7UioPag-X7hubUBkMyGxqI65...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmS41dnRdKx_dN9pywr-zOBMIxvTrFYpV5-cxy5jEltrg6808b7UioPag-X7hubUBkMyGxqI65Ht_NLBIzZdnHlBB2eihFIl&google_hm=MjEzNzUxMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmS41dnRdKx_dN9pywr-zOBMIxvTrFYpV5-cxy5jEltrg6808b7UioPag-X7hubUBkMyGxqI65Ht_NLBIzZdnHlBB2eihFIl&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw%3D%3D
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmS41dnRdKx_dN9pywr-zOBMIxvTrFYpV5-cxy5jEltrg6808b7UioPag-X7hubUBkMyGxqI65Ht_NLBIzZdnHlBB2eihFIl&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw%3D%3D
date
Sat, 18 Nov 2023 23:36:02 GMT
content-length
0
google
sync-dmp.aura-dsp.com/match/ Frame 0E85 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 0E85 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KomyFKCBJmtJ3-VlU1iPdK-pJ_ZcoCe0XUsxMsUkMM9jQBbZiRyLk0JjGxJsADI1Q
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9E72
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELA1seJ_SmQJWEIAWfla1Q8&google_cver=1&google_push=AXcoOmSx2zR4z08QorBeoSgK7LnG3Ma0pMcQ-n5cEfEYaXw2JJB-8QAhHMTsisIMTjjWRTIaLDwDh3C8KxwFa_Ccitk22CIKu4LS
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D485EB1861E442CB9A5C2E3920010CC8&google_push=AXcoOmSx2zR4z08QorBeoSgK7LnG3Ma0pMcQ-n5cEfEYaXw2JJB-8QAhHMTsisIMTjjWRTIaLDwDh3C8KxwFa_C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D485EB1861E442CB9A5C2E3920010CC8&google_push=AXcoOmSx2zR4z08QorBeoSgK7LnG3Ma0pMcQ-n5cEfEYaXw2JJB-8QAhHMTsisIMTjjWRTIaLDwDh3C8KxwFa_Ccitk22CIKu4LS
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 23:36:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D485EB1861E442CB9A5C2E3920010CC8&google_push=AXcoOmSx2zR4z08QorBeoSgK7LnG3Ma0pMcQ-n5cEfEYaXw2JJB-8QAhHMTsisIMTjjWRTIaLDwDh3C8KxwFa_Ccitk22CIKu4LS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 23:36:03 GMT
pixel
cm.g.doubleclick.net/ Frame 9E72
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBZIljeOLRHVX0kP1qvhqE8&google_cver=1&google_push=AXcoOmQ_t4RrSVt-k1H-ELXrJyMzGKUGFAsiwcFtedag62gPhYi0pMhf6-XctZUvGMCyw1eXFdm6vLLGCTCx-D...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzkyMTI5OQ%3D%3D&google_push=AXcoOmQ_t4RrSVt-k1H-ELXrJyMzGKUGFAsiwcFtedag62gPhYi0pMhf6-XctZUvGMCyw1eXFdm6vLLGCTCx-DvGU7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzkyMTI5OQ%3D%3D&google_push=AXcoOmQ_t4RrSVt-k1H-ELXrJyMzGKUGFAsiwcFtedag62gPhYi0pMhf6-XctZUvGMCyw1eXFdm6vLLGCTCx-DvGU7c0iwr_b9M
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjk1MDA1OTgyMzkyMTI5OQ%3D%3D&google_push=AXcoOmQ_t4RrSVt-k1H-ELXrJyMzGKUGFAsiwcFtedag62gPhYi0pMhf6-XctZUvGMCyw1eXFdm6vLLGCTCx-DvGU7c0iwr_b9M
Date
Sat, 18 Nov 2023 23:36:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 9E72
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEC4ZwIXTFjhMabyRU-GUsv8&google_cver=1&google_push=AXcoOmTBQogOmoGqLqM6FAxHRIBS5cjt9yBlLYADKJ-4YzfKoIYYQx1OXqh2FIOo85SfhpzH4EvL4e-xkb-2Q8H4yY1cCEVvsCoV
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853984141486&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9E72
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4-0adX...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEOspl9j1t9nSUlQq2Ue44o&google_cver=1&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQwNzg2OTg1OTQzMDU3MjgxMg&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4-0a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQwNzg2OTg1OTQzMDU3MjgxMg&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4-0adXqXLjTCoA-9_LTf2iF35n
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQwNzg2OTg1OTQzMDU3MjgxMg&google_push=AXcoOmQYa8SZ9L-ABISvyP0whoviUu5ho1pYgH0KvTBtwqw1ib17xIZNPSeog9DGzKe20vDnGe4-0adXqXLjTCoA-9_LTf2iF35n
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9E72
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGBoHqT8dJIDhT6yqpOoC_Q&google_cver=1&google_push=AXcoOmTJNgxNEAbCv8bnyEaWDuRS6hAMUgxDEQ4bahBMqDm_aXwT7mbB0GlCONlhgYtmbNZF-qWDw0...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTJNgxNEAbCv8bnyEaWDuRS6hAMUgxDEQ4bahBMqDm_aXwT7mbB0GlCONlhgYtmbNZF-qWDw0sYIRbSnUNAwaaNzyk3yv8J&google_hm=MjEzNzUxMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTJNgxNEAbCv8bnyEaWDuRS6hAMUgxDEQ4bahBMqDm_aXwT7mbB0GlCONlhgYtmbNZF-qWDw0sYIRbSnUNAwaaNzyk3yv8J&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw%3D%3D
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTJNgxNEAbCv8bnyEaWDuRS6hAMUgxDEQ4bahBMqDm_aXwT7mbB0GlCONlhgYtmbNZF-qWDw0sYIRbSnUNAwaaNzyk3yv8J&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw%3D%3D
date
Sat, 18 Nov 2023 23:36:02 GMT
content-length
0
google
sync-dmp.aura-dsp.com/match/ Frame 9E72 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9E72 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lk8E99aGcY4TUOcP-hQEd7SKBNfgN4-O7Y1Wb9m99rNCpLyCXwfOXSZrQqAEUr0k8
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 49FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3921667393077596&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E609 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
30596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 15:06:06 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Nov 2023 23:36:03 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6937 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
30596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 15:06:06 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 97E6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
30596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 15:06:06 GMT
kv.jpg
s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/ Frame 8926 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/kv.jpg
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
d09bd8e3d503bc79eb1482fff8be68b0005fedbc286b1e54ecc817af53bd7272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 01:19:40 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
5Y959KR2EP5V89HH
age
3104184
x-amz-server-side-encryption
AES256
content-length
44497
x-amz-id-2
iaAoIi4WETaA3I4JKsjdLp+JiFiM4/uXI7YcmRSlzRAY40gHeV2ZT4rIRAPlBMcKSOHiNqX1Ehg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Oct 2023 15:44:46 GMT
server
ATS
etag
"f24cd071c3f7c3c312b46a8afb8a1842"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/jpeg
cache-control
max-age=15552000, public
accept-ranges
bytes
casale
match.adsrvr.org/track/cmf/ Frame 0784 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 0784
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEA6U77NI2qvvbf-imkkpbB4&google_cver=1
0
0
usersync.aspx
dis.criteo.com/dis/ Frame 0784
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVlKYixMYebMuplBAlkvygAA%265190&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVlKYixMYebMuplBAlkvygAA%265190&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=28f86352f570410680bbd6c54dd0de68
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
267550
expires
Sat, 18 Nov 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 18 Nov 2023 23:36:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
dcm
s.amazon-adsystem.com/ Frame 0784
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7DZMY5HA6PMWK32RT22N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6Q7M2GC9RWZJXRY6BJCE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVlKYixMYebMuplBAlkvygAAFEYAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0784
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
0
0
crum
dsum-sec.casalemedia.com/ Frame 0784
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=L37kLeNK1R4uR55
0
0
rum
dsum-sec.casalemedia.com/ Frame 0784
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4130517591434833021
0
0
ix
s.company-target.com/s/ Frame 0784 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0784 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZVlKYixMYebMuplBAlkvygAA%265190
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
642
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8284088bd96a24c4-ZRH
content-length
43
expires
Sun, 19 Nov 2023 03:36:03 GMT
csi
csi.gstatic.com/ Frame 604E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp4otmzl&c=3201706815534&slotId=1600853407767&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0AF 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-By4kd0Wb8QuUQeA7teccEkj10u0y_-m59ri-QwVH0bYO72RNC-s-dIowL5pGcIQbTZfn2bPAS8k3ZaDBzwJ9KuOvvQ0KkMAIUrnMautTzZwyJwR2M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0AF 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=936159297289832488&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E0AF 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E0AF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:19:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
44210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:19:13 GMT
csi
csi.gstatic.com/ Frame 604E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp4otn8p&c=3201706815534&slotId=1600853407767&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 53FD 		611 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXKPvZMcgk06wX6Ufyaeicf1yJ2tk5xe0rlNOgIJ1hg3iolGo4RNknNzfppdfGiOzwdQmXKYj8byTAvMty0vOYsgl4X6A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E0AF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame E0AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSe5bNq4QqBFNGfl_Q4fKCIHTgGzP7TYjZBHyrcF6Kcc6vjxUsEIdeldwy--GaStOriRtmxLqlCYxuibb4FgZFCMe0BiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E0AF 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:36:03 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
setuid
ib.adnxs.com/ Frame 53FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMjhGHizLUyGILELBgEilxQ&google_cver=1
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMjhGHizLUyGILELBgEilxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXKPvZMcgk06wX6Ufyaeicf1yJ2tk5xe0rlNOgIJ1hg3iolGo4RNknNzfppdfGiOzwdQmXKYj8byTAvMty0vOYsgl4X6A
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
an-x-request-uuid
0cba094b-a52e-4f0f-a8b2-6221667f462a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMjhGHizLUyGILELBgEilxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 53FD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxMjQ4MTM3MzY1MDI3MTc1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxMjQ4MTM3MzY1MDI3MTc1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXKPvZMcgk06wX6Ufyaeicf1yJ2tk5xe0rlNOgIJ1hg3iolGo4RNknNzfppdfGiOzwdQmXKYj8byTAvMty0vOYsgl4X6A
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
an-x-request-uuid
c178d0c0-00cf-4d6a-9300-0463e148a1ef
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkxMjQ4MTM3MzY1MDI3MTc1Mw%3D%3D
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 53FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXKPvZMcgk06wX6Ufyaeicf1yJ2tk5xe0rlNOgIJ1hg3iolGo4RNknNzfppdfGiOzwdQmXKYj8byTAvMty0vOYsgl4X6A
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 53FD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYwMWU4YjAtMmE2Yi0yNjY1LWUzNmMtZGE0ZWYwN2I3ODhi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYwMWU4YjAtMmE2Yi0yNjY1LWUzNmMtZGE0ZWYwN2I3ODhi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNXKPvZMcgk06wX6Ufyaeicf1yJ2tk5xe0rlNOgIJ1hg3iolGo4RNknNzfppdfGiOzwdQmXKYj8byTAvMty0vOYsgl4X6A
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYwMWU4YjAtMmE2Yi0yNjY1LWUzNmMtZGE0ZWYwN2I3ODhi
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame E609 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FQpSBw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 604E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp4otnbz&c=3201706815534&slotId=1600853407767&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0AF 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=298086784363&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0AF 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=298086784363&version=m202309260101&ct=76&x=1&cor=936159297289832400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E0AF 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUZu2wmIHh2zJ1xRYC_xw-T1frFNuFnQCB_uKvhMhrZjAdCJQqMQsMNUrdag6pK0X1SAaXb3Ii_d3gqMDsuqbjBPAHNgP764wFGHQiXRfIq8qc2QXet1_VWF-DOjOI1mqMEjjdhdDyPrZgqp2OjE50qDJ97bH30a7VGo09YWMYhXDLh74&dbm_d=AKAmf-BgVVPZXPfMFpOtpioT6zv-WRWAFlBXfitN4nbXpuWl4ROnz2dE1QUoUm4nzR7VVhrUQi8TWuYYCzg0Q3wy22uPZW3WQhC6Q-mluWMGrCu5vzkaqPihATVMt0avXKy1OEEvVkFWOflsZHcidosvGTFpA17dHOYaCbW45bMwL1h4OkktK5KtvcSXtP3pqFBVUmZfvv2mbvYpohjAl9RmZgN6PU8OEqKXhohnQpgRU2ewyyqH_Tb-s89mvrpYuzeoz_rav8TcbIdJ3XFHAT7yDBT9vH4UKspVDF5ekXvZe8auSCShSaYCo52j_T5PiKzHENIzF840FpqFp5Kt36NrCxremEcK17tlDJmL1TjBVkZ5m28dRXUbsLvaq8VjlnZNQbqhxa63AUNpASkZk5y8uXXrdLt_SoXF8951X3Dm4NXiNQdMuxNHInZjfdq6Ri8GcrdHMi4XoJEJw93j3hRSrzdaeabS8R1AeRDOZrzenSt1WLCIvi5ScvIfwBo5k9yMdWgMNs1i-vrX-uuwUuDxjArTfisEkVosPyhe7FRUBFab7MhvpFnhOVOaC0EgtCtaWLvnHSWE8WPMw6jPZf-POlEvmJTBTz0ZXgUC39wpW8Lyd6wAeZI9Wp166exP_x3wnRjtU5leCo2l9LcHofzeSu8Laz97RudCuKr_rMLJems9gO44Idc3cWLm1VGduj-Dnu25_qWmRmltHD8pOja62Emhxf_WtGixsdmd7yBdcCVXPtQgO3VN5lFq1Cu9igPSTIzDYwK_ZpKo6DmsLn-vV2dlKRiuwu6L8x5HM7sPD4XaGOXPAZDrEu_cireIVjlJk6H4ms0_HVPCHDyg8YeTl9_16m_1Qv5U8TWANJxVTRXFCsD4Tow97haCkKkcnNAmflWmqbL4tslMM97UKA14JvYKCOPuOWNvRW3hl8Z4UGCAZgVU_XZSTVOF2cikmmkafgcPMn8Jo560L8t-Z9gKjB6cT1sAWYV-0IA8bsWeMlRDGKjnXY-pZC-EDiYkUoHX_fYSdI0Q-h6bjOOMquEmHTH_nxxDXHyLU44UrcL9Fi1drwBMMC6kT9ZT1lZZT7_CvFPapMnkr4sGw2eXXYTQVzsT8ODHyQWZoionTfX8J7eZFUOKR3ljjaAS1oH3lHpNq1Mvn60OKV6TYRsYgD9007VAW8mSUufBOHsadHt1-5NSRSFKwMymqwYiimn9kImWsHK9Gu8uZSfWlDy6GWjtagSFdpWS5JGAqoGxivBDO8egwdC_iYqu6OGIEI-cLxdZG8AjtNYqVUKFZoseYddIh4oOJCSutby0A6quW0SqL5n_Is660pAtZN7CgztRWqdiUHw3R6hjC1g06qu_5qhQN9sgahJy2ghvAqucalAOYS4I4W9l9tZfnxnPBhfcoMpKDbtkankNYhbZlNhH_PHSaqc98txlq3SfpvPyRKLWfnwp-7L-3HVN5Vnae6uB_20Ui94ch1TyF95zzP6RWAnPKW6J10AL5SeA3CLhgo8p5vA-WZJpCJVe9vhJ8_xVg04QtU024ALCVjgdrIwM6xaccJHnN50rTBom1FyD9AT0eR9ngw-bwtvzrqiMuBa_JO-mPJmTvU42RSiAy6ZioaaUD5fICXXL9kxlt4vel-TRQdzKY9jUjX6hlqCJAP7DWmGyiCihL00wgbCUcsvEdM4mh0dMP4xci_2_1jc65N9NQUyxkDDbEgbYoddG1jvfISKNey2AKVfvUncw9gap5Fa4PgwFIjxTas448mjtAyXDRmSc8Y2gnVYpyloQochfiOKvp0Maw2jdlZbYyFXug8UVdr61CW_4nT9gqybe5QPAJq0dlsKK7zj9j1hqlUV-4SyHiRIdYfK7SxHO1FqIl_pMjhufD_OjL4h5XO-U2B_Mr2BzM_ug6FdaZ3LGUQUut7Hf_9Hin7jwrhkM_WQoN0zkJhtqWm-Ogjuv75rfQHpOKx2zXzbue_v2PdIlr2TR3rd2Xl9ZEneSLCPYwFxOwYL63LL5V5bbbjHs0cxS6CQoxMIYC68zVCsHkM-GqozOQujF_A3A4XQDxLUZh3FmMNmGAX7Y9Arm_cpidqPHpYmXlsZ_qP1wlT0C6IsR40cRUBBRaZNuHiFjNUP-AykGGoXr6bKm_JbvdyIofAAVJGXSteIzdNcPMcR5BjjfU3_Fdn3kZfuE3jsWeyXonAE1J_u9hazf2TpAQcqvxfzXDf6gP7ybe09fJQjciNRMFGtb-HHK9ssVxIFd2ChpJa74JPt1FQ57tmGC223bVZpw-HaypTDvsHhQMDVoD4Qzczk9sOiifmzO33HoFZ3W6CUYnowpMGXjBiwxK-nrP5vUQs_1bH2ETU9C7NqC5smGk2qghJ6SdeBgfxOmimCCY1tVvplcHqZYfYGGQnOERgVEOWiq1139O0CfQaQffBnCU62RFM5E_FPJJy7SpOmdAXnXGsKO-6pSvp5q_2Kf4gr9T6T2u1YVr-V49vyZVw-9mddA7yKMRl2oy3GM5XWT73_OPt3sHWAuT2LqUwa8-5zxipCpwi1Hiu3Tv7CB5MHsG-t4ElTxic4zvqss6mrkafzlazFlxesl_ZLyGtKQYQkrLEs6e8WpPbAsJgdcILaW-boe_qScoxiJ2lIOAd5F83reayx6MTEULR1TNkWdXg8b69l1f4701IAOGc6EVdygyKXcNcyd-ClAlA-HsRdE2pBgJnTXcZFsPIYFVnRbHMZB3QKY9G-hYZAYdUXr5DZHJ0eURfEDL0zHLSQiH9KNbSbGWvsLIIuTXqgLBc4VbUDWAwvS09DWxT9TK8A6dwdxox565Bf_DaO7SbIOhC5Q_OncPEm9o24VHOkZJeenFZrQbsqz2bJXLN4N9zAGZohfwHMfZuz5SUHJ9g9uyHYVZ5FasdbWZKGSgIdpp77sNiFSgx0mKiERZlGQA727W-yGVPaHOhADwq2urOQXhL9ecbfPAEyy9ryeiqs1sVeY6OqKU-BotVk0v7fPZ2sQot7KOmSNl0o38Q1Qg4vcR4ZlJEi82SYelI0MHkH1pfm-QHcftRC5HXVlNhKSPET1QlafY4FJY8xrsbM4OxayU_N7XTbhAQml-3zOtn5MtPDawtYx8T0ox1SNaI_-9gGHuualH73uA8yoHkSQL88uXz7UTMzdSWn5b2eqlFcVpgv0wWVRqxj5LIKJkHLVU5b8NfeN31-QAREreLI_4ePjRx9Ja5Cqbzp8A3TSTNixzqUW_5WE8V3l_HuFqq6e33EVqSowtleSC7zCum-FhDnXkBlsgeF5N7RLtp4184nqR1FjQcIzEk_nPOFC7cH1UY7JQIJeDnJNO5FRl3BWaxFEWxWQePq0tjmRbJhMsWCAfDuimUZnQMmHmHKv2GkiDzOXg3hRkGkhCTU2bROIcYGgHhUPxDZtnUihnJC_fmnsvDee_yG5L3HLYUnT_L-qfsXyuGtt4O9le8GcP6nlUoGoZwTSZHu9NRO_dYmSCfS2e8Tmk8s6JVX8KV4Z-7ZNyDO_i1RXcOAQ0TZxcK76Fn0VvzoZe8Mmj0Adix_4-MIuJ1pOBzc3ZujO2mDeX2yR2puTDL3ZNB4bvfXTARSzcrt0ni7GAar_DvGgWm8hf3oLLiOtVudYFi49v_R1V70E-sTu0fHhhHDgUzEJHMRBuPk419sh1khALHzbY6NuSeYRFTY6ttrcqCpePs-l8F0X93BSGeMBSdC57SVXyAHdI3MevpWp3F0EfykWmlofF_z2NEYZnR2yt9ALv5cTg6gmuShKmmzOSXFpw8TH1E2Qm6mKXJ7xbAgfqQ5I2JKvBP9mng6XaZRhAPd-e9QBRvLFHBCDFYL27E5UWoZUm3shBPMkOsF1JVopI8_2UyC0IxlczwNTYzqOJVhbaZnPBLK-rwXik5QeiYJX2w-uFfxEm8rb6OkzZVd5XJ_QkfovMvtNnTt7CzJvIYH9meOtTKNkS2zEblPevOsIo4h03iQ8MG8g1ksRsnNCl1lWaobnRuzerQ&cid=CAQSPADICaaND1Z1pwx-CK2Bpeiaqarn5Hn99V3Vr2agCVE8wz5EMOFgyx_x2nLM2PkGbqpsKjAwdA8rMBEXQRgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=936159297289832400&adk=4022746785&idt=411&cac=0&dtd=34
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
032f4e902003e3e6c93a04234f5170d9e313ab41e113928e1f9207dbf13ea6d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38787
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 604E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lp4otnkd&c=3201706815534&slotId=1600853407767&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=1&vhc=0&wta=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 604E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~lp4otnol&c=3201706815534&slotId=1600853407767&htp=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97E6 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BB79BYkpZZeSaFpu69u8P88-S8AQAAAAAOAHgBAI&bg=!GhmlGVbNAAZxrfrxUa07ADQBe5WfONPEkOAHC7b5vXohP2KDwEiBNDdTowb_EYwN9C4a2-rDtO-mK5bzK1wsFL9kOQppAgAAAO5SAAAABGgBB5kC-B0AShG4AyrIcoKDKfU7ZHdzBj1tsErPrVozUsZtC8Z4Glyra2ZIIwKCRWqCEWughd55MC3_DJBGETzvmVLduw166QZq-8OBFDgjFvpJnSzuLU22-knffMqcpEfzmC8I3ZBop208xIxLbpiTXMTh1EXBDWg2BKhZrQz1QJL96hpJ-PsETUKrVEgNboBJ35_AvUjp54--qzrc_it6WMW3NQHUv2kIUSbs9goCPtBZjV0F0S3XuPpKHIDKXDZREkhylVs036H4o4d5D-95rFdcc3-SedT4Mnd-CYDsixcWwcjRhxnGPVEWy0jdDh218vGs-OwEmyVigCbvG4Doaws3soGEtj69XWP-HUiL6b-2GbA_uCQ2slCOtD0CWrOvuX98wffACYJvv4IGNL_JcJ9u69QVsp2YPlCwk2Y1YQY2Wc3Kl0TUfJCUhUVjlEhLQh9fVrbJP_4iAfbpJNX22lmIYZdO_wypKF84DO3IwDDDAnmT_zvXU6Z7bliqv_EN_d8hth0rysKwu4BRRorDXzXTfst_cpf0vfv7v96X24t7d0XhWkjMoOMZUHuyiQiltAed6527he_MRretWk3vHMe-h7Wcz_eL-0-ucnaGsL_maiBf6hamviKlaJBej_S7OOFLLrvXsO6QzlVa2R16_L8KtLeLosPxywzphRNNrVaBQ9aSgKtYKUl9Tk_xyBCRP97bXL5g9H4d2l-Ow_Jpat0yrF5DSrBbNLIWXUYXLAuTQRrEFCURXH3pRAV-vOOixlvbr0iAibe5hbcnkslz9Zt6Sj8k2s7087NsHaPGBG4z01WTbF1JZ3FWlI3VTIKY6ZrmjG28JmL3NBZCnrUxz9tZsXvRdXZXqpVIeJa6gLTnUVbJV9IPQumuRxhlMDMZoZ4U9YIicNCwMrKiuDq9_JBKPTITwPjSDSvBq1Z62S-TXKIN-HyUvbjf_mG25hMyOM0w-C9e8Nh4PuasYxLDbvfy2gHl8LdOSJ5rY8Cy8GkWffQ7SgdkgjnRtak
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700350563655&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1573&pt=-1864090054&tz=60&viewable=true&ddast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1455
x-cache
MISS
x-served-by
cache-ams21081-AMS
pragma
no-cache
server
nginx
x-timer
S1700350564.708549,VS0,VE347
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6937 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwD8qYkpZZYSfFs6F9u8P_5WRmAcAAAAAOAHgBAI&bg=!9fal9rnNAAZxrfrxUa07ADQBe5WfOAk3jFKJyzYABT2Ds6V2H3E85vfTkCIJsOC_cctlMEDIekrlbNhQh6RmKlaxU3ioAgAAARNSAAAABGgBB5kDCPfdT63DtCSJlpLUQWCC2jNucc9-5bu8YPaRQnn3E48_OqM0LvjgG4EY4Gx500wPpPFEixJQbixwZx5N_MWx2xMroAete-Ci3Jtdj_SXgCjbrEpeq2DbSDydkguBMsGRKpb2zxw9Ae2jIUuNhMf-uDFHsbQ2gOoLeNIWx0lZokA4hA4ji87cYL5EMksALVZujW8zr-Il4V6HhoGywnPOUCSkvnS89_fqsViV_1tVSFOh4Xj_3CzsTPYn6VTuxlbSyqSBDTjRY6huvUc_JXrglPEJBtaMYScEoSzdyY-Rj7Iqy7lAbHJ-2s__V10tSzAPR8DIPyWMQpa6keTy2_J9pYpr_bhs3cyIZRp1IBJzj_ieyxj0U6wCQiCQkMqHUxVZu4i8D2PrCl2dJ5y9KlyruPxZZYNBpEt69hz8MHTV2ACiGvdQ8yDYGCWxfszqLQMYHzCCeSX59yOBMvQf6WWVhOTa4xSgAgHy8pHdGQ91vqSo130E_X4WvCAuR_w6pxiYutT4i-wp5Jzk_8I1ku2HK4wQrPq2WaaYJizFnGZFzkF8_mamVFIFAIAkjSBt8sA_KYdZ-96CslPf0UDpI9rMCT_UJliotHOw48kKRP0KiLsx_1iMFSA_4qn-U8sW2WLgj2rGApzonxWwZ885qcclLbkhBGF1yGcCusLFSjj4V0f32RwPC1f6goqddk_ASqaFvwkGL2W36FNBlBmGm3NHRJTLDfWYMsDriDjJgi580i9BWm9mlnxsh3vIvwQnnGujvGX7El2pJRPl_HiepNN5tCNy0eLtN5v8vxa1NlrDllIY_3lkrR85eWVeMf9kT8Wrn1QandVtCY9AdJFBMrpVO8md2piKU7rgjg3yFjYrWwt4qZ6spEjTvURxrzbRI-tkz7nnNu24XB62rk4RdaRfnvkUz2-wKgjH_1De0zBTiiBAgFO3TOhm1tZg3yaja-BmU43LLcJyFLSn-EMlAi1nEYIiay8lSGeymkWVEcmkolDRFnFCS8SBPPUYrOWJUKDFRo_r26j5LDEa
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3D8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTKYopB3-0kOOCXD5vQz3-1uBkaT28IZrX6AcLWy-4cGe79vjNQCt5qNkSAjNRLCm66eD5e3fYlLNZyi8u-sEiFPv7P0E4D0b1AkQBIi2ULhGKQBRxuwBjnWM7aWUsrTSlRawMku0n5G2KB98Gh2BiUAnvQ3mi1udF7mhPJoNjY9zbLn1e3hGOZIjHHEUrjLior4feWohYxmMJ76_J9Enyows0reUGvCppMmHYbWFSl_4cWqkEM7OoHrhFstCJlM3TnOaljX_00QG4zCxGuSFUI1X1rYAZc40amPP3cs8vZ-a_LupGOKEEuDjh5B7cgb8ZwPycgJVDPnkrqfZ9YtmgSa6GC29vaiNs8KgJRkZCXNBgkIU5kN7EY2IDrJX6njy6leCLpNER3tQIg7RqEVDpXcW02yl0_bFvfNE1qFvHenIuCfeQCnbbkaweSi3z72OqtZVwruYAc9PKxDUVeNxbR-xTqBKUDw-ZGNy0iXAZwstSjE5dW1Jcl_A7HDSSTxsdnrCSOMue7mmB1BewImTIz6PtYUYN39NkQdE30j4m0QxhDvoXttr2jvQmegqNfqVo79rcAXjPXdihJVtjUlZm_A2dvCKy0n4-zLIesU3FHM_HNTG48T37GYGISf-mYhT29BnnMCWnkB-Uw1mzfmRIiD0ayMigvRH1HNhOdlzPUK-NRfa9EBufXftv2s857wAbObtRFxLf90IV5JWGvxvNoA2DFFI_HrE7udsObB0wuwJaYgTdQHiJvvQf_GMCKEoC1n24wfb-QOylBZFUgXdGEwgLxQjrj1NjTvCds40DWGHmkssoXrlYi7FbCO5FiP6kf_A0o3c0NR03RAcLYyR_tzjoFMuQKRGVlFv4H4VNnPR_1tydqVfX0vu9d-0xt3P73dUGvOnd1Y5x1OcF0FsTpCj_jbFLarJ1t0e_fN2QuFCukjGjs53ScJkVqXKMo2WKjd5WbB539dhxSZlNKFPdHmnlHFuf_V7UtAJ-Ic9WUQyQbrIglsngIUYMUpxLanOk3LQdqZrB9nX3ySDyaBOLtmjpXp3rQ2Sn8WMA2mpshHnMlAFOkFaYKEWULF0gHIgo5UYSwWAVt7ztq3ujrDiptg9CvX5TQJjoqeACY6yUmtojGyZyiGXwEYjvTVn1LD8nxmI6z0famxfvdJqqDo53tvSJcmzCgYv0rrHvay7VA3sZ7T03NyRDv-BC--u3tkYGEJCSzj9O-iEgP9DAWJ4m386oKMRTvATI45GILwXAOqiqn48UtQARbgfXR9zDIxojdjIvddZTgZxaitYVn6-ElrG9kyGVjxjsGpoobP7f_poyFIshY5ejtyb-MAtx1EAcUIcCVPUnRyhniveWJCycW09vaya6WYLP4QDHZxoj9B2vebpvbzqYGm74TqZR2Q7fHqJb-dNxQ6BAsztIc5j6XzpG447sZd-Ff3bJ__I4fwWaxy5E5fBsP7NQW872VBRep8JcW3oYCJUnz1VjCtLdXPNsEPQ-Ssgfevqkg9nRXxnDWcmu530md7Rh2Vgu6myWSwcz5EZQNwWcnZQY9vOfxu43Swf0BhqCwQ&sai=AMfl-YR2VU_sqw_E4BAed-BN39fhyDUhcrB4kfzSnF8V4CZULNz6BvGE87nt85m6Px-SI3ozbCxeidrjp1USCpOhXpnw9nzu6bQn_V5fuKtzdy-y1o47UYpG8EC7rKWLkYzm0iDGTW6UoqMBsZ7di9tZ-364KsRNBSEV5nFUYz3lmZyySYyFnB0ZFZzm7czG9Ltosman3hSz02kXOEr1KQ-zVBCFOmNu_WQHDR6xayNKRrDiSvTJKUoe918PxzRMKp4ugANbz9R7A5d8GznCkgFr6f-ppNnz7zBwWg&sig=Cg0ArKJSzCzrb36axtf9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1101&cbvp=1&cisv=r20231109.41158&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 23:36:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
10290845057159846043
s0.2mdn.net/simgad/ Frame 3D8B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10290845057159846043
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
6d220d31308f479706e776157adb1bd09563f379fc1ffc26584741da6fd678df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:03:00 GMT
x-content-type-options
nosniff
age
88383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11333
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 09:15:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 23:03:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7925 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2KBKHLNdifM-mVyizx8p7SMBKTnlVouTacnJXhEMdzByW-FN1VcMRq25GGLt-7B2iPHyp_Se8pgrrjLRcv11V7ld-r7grcgSgeT8HNPCwD9TRVlMcz7x3OcvDPOjaVjHCT1CO6kkl9VTSqVaSs5wHDojksKoivrSQYfnaT0JEkhSLu5LoehThwVEJiFi_gLZ-T8Ftrj3hilvxvfaiM5sFFN8gQGtndVYozb8Y0ACC5GLh-Qj1Ug3zJMssorhZkQ034fqUoYTZ0Lb5mgLSSye4VorMSQ5bOwZ-br7ZZoq06dGKIteKgAttOTP0pfq3S8hGSiHruH_untNLlN48XEtdCK3Or-Sn3xCvf4JahYDOK7FZgIepm_9C9wcpLRGi9-pLIhbJk75eXhELm9vf9w9g-nGxiBpnr6J_RXNFcjw8fIOckbM3TYkg5d5OmqPObATIoh4bnbAGQMZ1je_luvyaJzPmP8az_dukbVN6g8FK0f9r-ep2aQCOSRMkDdZXRyPkLu11T2O__zIIFmpSYWaBb_ErJ8mT_Ry1rUCMERy3d9mbQGbPAaFZOou28WHOsMkUWmeH_rrVo2PbFEjNh4O7DGiySQr_dkcAsMzMTL-nOIR_HHNDMGoElrpwzXIrBNd675OAW42bV-sp01rw6xuKbNVL6_lSxisT2A3Kxh-oR9PlmDBSnxr7qG8ANa-Pv-_f7YRfHcHVkKCuCQj-cb45qnZ4AsMxik3RKGYJY8XYknoFrdayRbv1tnbQJl2BPp4p7hchXYiwiJEtlurACCAmyiZ7PTWKdAtWRwL2sHekLlzeSYzkqFuAPVQGrBqi4nHoqHllZdUyToN9A_sVYtVvNmKGt08Gs4wMao2r3-i4gIGadCTXvTJOQv71LSjNsuYf7B45SCky94CxOAUqC3JcXzY4ymqqh32Kj2CgTV94mHLPDvnB9zAM3JAhowU3eK8nMu-ziZmUr3M8K2psrrWdDc5vloGZZGXqKsM8qbDx7YVpJ9iLWNp_Tz14OzcaYaSpTbL6duub8pIxbFa7jQWOaYlAlaUbU26_xoUGrhz-NXDoQgehz5fUjGAfzaAibaps-SMSzAgApsyt6nu45cKuR0-Yg8NxW6zyCTC1BBsxisFqwqmu-jRhzlTKggaVwfhZAgeQ5xW9acwz7curzziSun5HH2TkvjZ1za2Q-1NeN1vg9_6-4ioS8AqQ8U7GBh2HErG6Tl6bytj6AZ7NWpqDcfGF7HM5CmQy4fSWqGCyEig4kGhmzKg53uK5F3g9C8x7j5cWWbwS08bMHkcCXKLNXRHMHmh_QvZzjaGsqMJG7h7ixaomna8aQMkFHrqXh_XoYafYzwjMtLJDx_TWChylaPG35kk7QeXBUx0IFfCrwxQM-8SlETI0wnwxEJ0COjF1WTjU_FnorhmnDSMuZ6S-k_zmOg0oFa_JqXKlDtqj_7HknM7mq0V4LGa4njIObzPhNCTSV_amsrycXGXuKCYEqye2AHQfSLE4zyFVaqm-yesVkuGJ8Nds_zp5Gu_2HjoIbzHzvP4d0Q8Li16lK3EcdD2T6h9jQP0VoA&sai=AMfl-YQH8fVWWjUOo0EimJvKxsvZxIyOiTtYbunFdAK8bGAuxrdsTkwZOrk-yZT7-MwFig07Bl8cDy2w3rigVlShtz8Psf6xouuArV8cH8HozrFBjb2BTcW9VhBpZxpFp5MrckzV8-GvhHZxJO6aXgzPejdUq-QKIoknMDnJR5wGO38AvK1ta1UzQHfIoNuRitbfLM2mgdVP1GcDcUpKfPQyBGjKfkAWYrL2ESSgaFiw7KgfAw09JlLKzmCtDfG0eWnUlOvqp5WGkgZUeawnrECZZAUAthqjAE-t5w&sig=Cg0ArKJSzAFBMj5mzzQwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1073&cbvp=1&cisv=r20231109.45036&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 23:36:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
13418204214378222500
s0.2mdn.net/simgad/ Frame 7925 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13418204214378222500
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
b585b5dfd5686ec81f8ce1e1b59feef59e251978b28fd3be530f019f7a91425f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:19:55 GMT
x-content-type-options
nosniff
age
87368
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11616
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 09:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 23:19:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7925 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusDX8vtECresRgjqTymD-iHWpBq39F7DM_taaUOt6RmXugOiwDlpdmKbQX-o8bLxLxG1Lfrxv_0RQIDwhI2ollag4BnMb-KwDkdDYlE2E2nbtO8l7L3VIN-dvFrawVzNz_25yqpGeqaw&sai=AMfl-YQoZqx51k6aLVyceFZq_QwAwgx6oKTSnbDeeQwrg8SJz2MhxsMZ3zXV3nFezEAeKbMhOq_MrQHttoq_iW5ANtknm7yRZKPKg_wemyzTi2qw0d0QWmb8WAO1GeWQ&sig=Cg0ArKJSzBE4zpv-T4GdEAE&cid=CAQSPADICaaN-6MKffT_vgoEMfcomn7OikPwJLC7gA2VP5wlmL1VlTVGy-MSE0d5ACo_yNMLJqM1V-XDMJrWcxgB&id=lidar2&mcvt=1009&p=1110,436,1200,1164&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700350561795&rpt=874&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D8B 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurk65-euSOGmlarV7QpgwbjxAylAfnj5KALBFvW5_sj4lNqKW8SdqDq01T8_qKUS2Kbkn8c_YC3q6FzQwUz49LWK0jxVbx-h-w7xdfN-soEaycg09kq2bA5KRitGMAFdavW5ufawG6sQ&sai=AMfl-YQCz0UeSnoRX8f7u-QTwcHk6l5qp-ecz9sk7GLZFbqzLjx0gGatinjO7kaIk14wQjfcEmuGkd-jsW-aUTj7FwwghJ5Hz-kodAPnbS01vJySVO-iEci4ycnOAvZG&sig=Cg0ArKJSzAV8LrvBjoyVEAE&cid=CAQSPADICaaNVkFexjEuKV5Z-eND0WchB1FuPwag38lc9fEwIIVNyp5j8Hj78iEBpsHgAozF3Bfww2ry3cetzhgB&id=lidar2&mcvt=1012&p=60,295,310,595&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700350561817&rpt=823&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Nov 2023 23:36:04 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E0AF 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame E0AF 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUZu2wmIHh2zJ1xRYC_xw-T1frFNuFnQCB_uKvhMhrZjAdCJQqMQsMNUrdag6pK0X1SAaXb3Ii_d3gqMDsuqbjBPAHNgP764wFGHQiXRfIq8qc2QXet1_VWF-DOjOI1mqMEjjdhdDyPrZgqp2OjE50qDJ97bH30a7VGo09YWMYhXDLh74&dbm_d=AKAmf-BgVVPZXPfMFpOtpioT6zv-WRWAFlBXfitN4nbXpuWl4ROnz2dE1QUoUm4nzR7VVhrUQi8TWuYYCzg0Q3wy22uPZW3WQhC6Q-mluWMGrCu5vzkaqPihATVMt0avXKy1OEEvVkFWOflsZHcidosvGTFpA17dHOYaCbW45bMwL1h4OkktK5KtvcSXtP3pqFBVUmZfvv2mbvYpohjAl9RmZgN6PU8OEqKXhohnQpgRU2ewyyqH_Tb-s89mvrpYuzeoz_rav8TcbIdJ3XFHAT7yDBT9vH4UKspVDF5ekXvZe8auSCShSaYCo52j_T5PiKzHENIzF840FpqFp5Kt36NrCxremEcK17tlDJmL1TjBVkZ5m28dRXUbsLvaq8VjlnZNQbqhxa63AUNpASkZk5y8uXXrdLt_SoXF8951X3Dm4NXiNQdMuxNHInZjfdq6Ri8GcrdHMi4XoJEJw93j3hRSrzdaeabS8R1AeRDOZrzenSt1WLCIvi5ScvIfwBo5k9yMdWgMNs1i-vrX-uuwUuDxjArTfisEkVosPyhe7FRUBFab7MhvpFnhOVOaC0EgtCtaWLvnHSWE8WPMw6jPZf-POlEvmJTBTz0ZXgUC39wpW8Lyd6wAeZI9Wp166exP_x3wnRjtU5leCo2l9LcHofzeSu8Laz97RudCuKr_rMLJems9gO44Idc3cWLm1VGduj-Dnu25_qWmRmltHD8pOja62Emhxf_WtGixsdmd7yBdcCVXPtQgO3VN5lFq1Cu9igPSTIzDYwK_ZpKo6DmsLn-vV2dlKRiuwu6L8x5HM7sPD4XaGOXPAZDrEu_cireIVjlJk6H4ms0_HVPCHDyg8YeTl9_16m_1Qv5U8TWANJxVTRXFCsD4Tow97haCkKkcnNAmflWmqbL4tslMM97UKA14JvYKCOPuOWNvRW3hl8Z4UGCAZgVU_XZSTVOF2cikmmkafgcPMn8Jo560L8t-Z9gKjB6cT1sAWYV-0IA8bsWeMlRDGKjnXY-pZC-EDiYkUoHX_fYSdI0Q-h6bjOOMquEmHTH_nxxDXHyLU44UrcL9Fi1drwBMMC6kT9ZT1lZZT7_CvFPapMnkr4sGw2eXXYTQVzsT8ODHyQWZoionTfX8J7eZFUOKR3ljjaAS1oH3lHpNq1Mvn60OKV6TYRsYgD9007VAW8mSUufBOHsadHt1-5NSRSFKwMymqwYiimn9kImWsHK9Gu8uZSfWlDy6GWjtagSFdpWS5JGAqoGxivBDO8egwdC_iYqu6OGIEI-cLxdZG8AjtNYqVUKFZoseYddIh4oOJCSutby0A6quW0SqL5n_Is660pAtZN7CgztRWqdiUHw3R6hjC1g06qu_5qhQN9sgahJy2ghvAqucalAOYS4I4W9l9tZfnxnPBhfcoMpKDbtkankNYhbZlNhH_PHSaqc98txlq3SfpvPyRKLWfnwp-7L-3HVN5Vnae6uB_20Ui94ch1TyF95zzP6RWAnPKW6J10AL5SeA3CLhgo8p5vA-WZJpCJVe9vhJ8_xVg04QtU024ALCVjgdrIwM6xaccJHnN50rTBom1FyD9AT0eR9ngw-bwtvzrqiMuBa_JO-mPJmTvU42RSiAy6ZioaaUD5fICXXL9kxlt4vel-TRQdzKY9jUjX6hlqCJAP7DWmGyiCihL00wgbCUcsvEdM4mh0dMP4xci_2_1jc65N9NQUyxkDDbEgbYoddG1jvfISKNey2AKVfvUncw9gap5Fa4PgwFIjxTas448mjtAyXDRmSc8Y2gnVYpyloQochfiOKvp0Maw2jdlZbYyFXug8UVdr61CW_4nT9gqybe5QPAJq0dlsKK7zj9j1hqlUV-4SyHiRIdYfK7SxHO1FqIl_pMjhufD_OjL4h5XO-U2B_Mr2BzM_ug6FdaZ3LGUQUut7Hf_9Hin7jwrhkM_WQoN0zkJhtqWm-Ogjuv75rfQHpOKx2zXzbue_v2PdIlr2TR3rd2Xl9ZEneSLCPYwFxOwYL63LL5V5bbbjHs0cxS6CQoxMIYC68zVCsHkM-GqozOQujF_A3A4XQDxLUZh3FmMNmGAX7Y9Arm_cpidqPHpYmXlsZ_qP1wlT0C6IsR40cRUBBRaZNuHiFjNUP-AykGGoXr6bKm_JbvdyIofAAVJGXSteIzdNcPMcR5BjjfU3_Fdn3kZfuE3jsWeyXonAE1J_u9hazf2TpAQcqvxfzXDf6gP7ybe09fJQjciNRMFGtb-HHK9ssVxIFd2ChpJa74JPt1FQ57tmGC223bVZpw-HaypTDvsHhQMDVoD4Qzczk9sOiifmzO33HoFZ3W6CUYnowpMGXjBiwxK-nrP5vUQs_1bH2ETU9C7NqC5smGk2qghJ6SdeBgfxOmimCCY1tVvplcHqZYfYGGQnOERgVEOWiq1139O0CfQaQffBnCU62RFM5E_FPJJy7SpOmdAXnXGsKO-6pSvp5q_2Kf4gr9T6T2u1YVr-V49vyZVw-9mddA7yKMRl2oy3GM5XWT73_OPt3sHWAuT2LqUwa8-5zxipCpwi1Hiu3Tv7CB5MHsG-t4ElTxic4zvqss6mrkafzlazFlxesl_ZLyGtKQYQkrLEs6e8WpPbAsJgdcILaW-boe_qScoxiJ2lIOAd5F83reayx6MTEULR1TNkWdXg8b69l1f4701IAOGc6EVdygyKXcNcyd-ClAlA-HsRdE2pBgJnTXcZFsPIYFVnRbHMZB3QKY9G-hYZAYdUXr5DZHJ0eURfEDL0zHLSQiH9KNbSbGWvsLIIuTXqgLBc4VbUDWAwvS09DWxT9TK8A6dwdxox565Bf_DaO7SbIOhC5Q_OncPEm9o24VHOkZJeenFZrQbsqz2bJXLN4N9zAGZohfwHMfZuz5SUHJ9g9uyHYVZ5FasdbWZKGSgIdpp77sNiFSgx0mKiERZlGQA727W-yGVPaHOhADwq2urOQXhL9ecbfPAEyy9ryeiqs1sVeY6OqKU-BotVk0v7fPZ2sQot7KOmSNl0o38Q1Qg4vcR4ZlJEi82SYelI0MHkH1pfm-QHcftRC5HXVlNhKSPET1QlafY4FJY8xrsbM4OxayU_N7XTbhAQml-3zOtn5MtPDawtYx8T0ox1SNaI_-9gGHuualH73uA8yoHkSQL88uXz7UTMzdSWn5b2eqlFcVpgv0wWVRqxj5LIKJkHLVU5b8NfeN31-QAREreLI_4ePjRx9Ja5Cqbzp8A3TSTNixzqUW_5WE8V3l_HuFqq6e33EVqSowtleSC7zCum-FhDnXkBlsgeF5N7RLtp4184nqR1FjQcIzEk_nPOFC7cH1UY7JQIJeDnJNO5FRl3BWaxFEWxWQePq0tjmRbJhMsWCAfDuimUZnQMmHmHKv2GkiDzOXg3hRkGkhCTU2bROIcYGgHhUPxDZtnUihnJC_fmnsvDee_yG5L3HLYUnT_L-qfsXyuGtt4O9le8GcP6nlUoGoZwTSZHu9NRO_dYmSCfS2e8Tmk8s6JVX8KV4Z-7ZNyDO_i1RXcOAQ0TZxcK76Fn0VvzoZe8Mmj0Adix_4-MIuJ1pOBzc3ZujO2mDeX2yR2puTDL3ZNB4bvfXTARSzcrt0ni7GAar_DvGgWm8hf3oLLiOtVudYFi49v_R1V70E-sTu0fHhhHDgUzEJHMRBuPk419sh1khALHzbY6NuSeYRFTY6ttrcqCpePs-l8F0X93BSGeMBSdC57SVXyAHdI3MevpWp3F0EfykWmlofF_z2NEYZnR2yt9ALv5cTg6gmuShKmmzOSXFpw8TH1E2Qm6mKXJ7xbAgfqQ5I2JKvBP9mng6XaZRhAPd-e9QBRvLFHBCDFYL27E5UWoZUm3shBPMkOsF1JVopI8_2UyC0IxlczwNTYzqOJVhbaZnPBLK-rwXik5QeiYJX2w-uFfxEm8rb6OkzZVd5XJ_QkfovMvtNnTt7CzJvIYH9meOtTKNkS2zEblPevOsIo4h03iQ8MG8g1ksRsnNCl1lWaobnRuzerQ&cid=CAQSPADICaaND1Z1pwx-CK2Bpeiaqarn5Hn99V3Vr2agCVE8wz5EMOFgyx_x2nLM2PkGbqpsKjAwdA8rMBEXQRgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=936159297289832400&adk=4022746785&idt=411&cac=0&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26601
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E0AF 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUZu2wmIHh2zJ1xRYC_xw-T1frFNuFnQCB_uKvhMhrZjAdCJQqMQsMNUrdag6pK0X1SAaXb3Ii_d3gqMDsuqbjBPAHNgP764wFGHQiXRfIq8qc2QXet1_VWF-DOjOI1mqMEjjdhdDyPrZgqp2OjE50qDJ97bH30a7VGo09YWMYhXDLh74&dbm_d=AKAmf-BgVVPZXPfMFpOtpioT6zv-WRWAFlBXfitN4nbXpuWl4ROnz2dE1QUoUm4nzR7VVhrUQi8TWuYYCzg0Q3wy22uPZW3WQhC6Q-mluWMGrCu5vzkaqPihATVMt0avXKy1OEEvVkFWOflsZHcidosvGTFpA17dHOYaCbW45bMwL1h4OkktK5KtvcSXtP3pqFBVUmZfvv2mbvYpohjAl9RmZgN6PU8OEqKXhohnQpgRU2ewyyqH_Tb-s89mvrpYuzeoz_rav8TcbIdJ3XFHAT7yDBT9vH4UKspVDF5ekXvZe8auSCShSaYCo52j_T5PiKzHENIzF840FpqFp5Kt36NrCxremEcK17tlDJmL1TjBVkZ5m28dRXUbsLvaq8VjlnZNQbqhxa63AUNpASkZk5y8uXXrdLt_SoXF8951X3Dm4NXiNQdMuxNHInZjfdq6Ri8GcrdHMi4XoJEJw93j3hRSrzdaeabS8R1AeRDOZrzenSt1WLCIvi5ScvIfwBo5k9yMdWgMNs1i-vrX-uuwUuDxjArTfisEkVosPyhe7FRUBFab7MhvpFnhOVOaC0EgtCtaWLvnHSWE8WPMw6jPZf-POlEvmJTBTz0ZXgUC39wpW8Lyd6wAeZI9Wp166exP_x3wnRjtU5leCo2l9LcHofzeSu8Laz97RudCuKr_rMLJems9gO44Idc3cWLm1VGduj-Dnu25_qWmRmltHD8pOja62Emhxf_WtGixsdmd7yBdcCVXPtQgO3VN5lFq1Cu9igPSTIzDYwK_ZpKo6DmsLn-vV2dlKRiuwu6L8x5HM7sPD4XaGOXPAZDrEu_cireIVjlJk6H4ms0_HVPCHDyg8YeTl9_16m_1Qv5U8TWANJxVTRXFCsD4Tow97haCkKkcnNAmflWmqbL4tslMM97UKA14JvYKCOPuOWNvRW3hl8Z4UGCAZgVU_XZSTVOF2cikmmkafgcPMn8Jo560L8t-Z9gKjB6cT1sAWYV-0IA8bsWeMlRDGKjnXY-pZC-EDiYkUoHX_fYSdI0Q-h6bjOOMquEmHTH_nxxDXHyLU44UrcL9Fi1drwBMMC6kT9ZT1lZZT7_CvFPapMnkr4sGw2eXXYTQVzsT8ODHyQWZoionTfX8J7eZFUOKR3ljjaAS1oH3lHpNq1Mvn60OKV6TYRsYgD9007VAW8mSUufBOHsadHt1-5NSRSFKwMymqwYiimn9kImWsHK9Gu8uZSfWlDy6GWjtagSFdpWS5JGAqoGxivBDO8egwdC_iYqu6OGIEI-cLxdZG8AjtNYqVUKFZoseYddIh4oOJCSutby0A6quW0SqL5n_Is660pAtZN7CgztRWqdiUHw3R6hjC1g06qu_5qhQN9sgahJy2ghvAqucalAOYS4I4W9l9tZfnxnPBhfcoMpKDbtkankNYhbZlNhH_PHSaqc98txlq3SfpvPyRKLWfnwp-7L-3HVN5Vnae6uB_20Ui94ch1TyF95zzP6RWAnPKW6J10AL5SeA3CLhgo8p5vA-WZJpCJVe9vhJ8_xVg04QtU024ALCVjgdrIwM6xaccJHnN50rTBom1FyD9AT0eR9ngw-bwtvzrqiMuBa_JO-mPJmTvU42RSiAy6ZioaaUD5fICXXL9kxlt4vel-TRQdzKY9jUjX6hlqCJAP7DWmGyiCihL00wgbCUcsvEdM4mh0dMP4xci_2_1jc65N9NQUyxkDDbEgbYoddG1jvfISKNey2AKVfvUncw9gap5Fa4PgwFIjxTas448mjtAyXDRmSc8Y2gnVYpyloQochfiOKvp0Maw2jdlZbYyFXug8UVdr61CW_4nT9gqybe5QPAJq0dlsKK7zj9j1hqlUV-4SyHiRIdYfK7SxHO1FqIl_pMjhufD_OjL4h5XO-U2B_Mr2BzM_ug6FdaZ3LGUQUut7Hf_9Hin7jwrhkM_WQoN0zkJhtqWm-Ogjuv75rfQHpOKx2zXzbue_v2PdIlr2TR3rd2Xl9ZEneSLCPYwFxOwYL63LL5V5bbbjHs0cxS6CQoxMIYC68zVCsHkM-GqozOQujF_A3A4XQDxLUZh3FmMNmGAX7Y9Arm_cpidqPHpYmXlsZ_qP1wlT0C6IsR40cRUBBRaZNuHiFjNUP-AykGGoXr6bKm_JbvdyIofAAVJGXSteIzdNcPMcR5BjjfU3_Fdn3kZfuE3jsWeyXonAE1J_u9hazf2TpAQcqvxfzXDf6gP7ybe09fJQjciNRMFGtb-HHK9ssVxIFd2ChpJa74JPt1FQ57tmGC223bVZpw-HaypTDvsHhQMDVoD4Qzczk9sOiifmzO33HoFZ3W6CUYnowpMGXjBiwxK-nrP5vUQs_1bH2ETU9C7NqC5smGk2qghJ6SdeBgfxOmimCCY1tVvplcHqZYfYGGQnOERgVEOWiq1139O0CfQaQffBnCU62RFM5E_FPJJy7SpOmdAXnXGsKO-6pSvp5q_2Kf4gr9T6T2u1YVr-V49vyZVw-9mddA7yKMRl2oy3GM5XWT73_OPt3sHWAuT2LqUwa8-5zxipCpwi1Hiu3Tv7CB5MHsG-t4ElTxic4zvqss6mrkafzlazFlxesl_ZLyGtKQYQkrLEs6e8WpPbAsJgdcILaW-boe_qScoxiJ2lIOAd5F83reayx6MTEULR1TNkWdXg8b69l1f4701IAOGc6EVdygyKXcNcyd-ClAlA-HsRdE2pBgJnTXcZFsPIYFVnRbHMZB3QKY9G-hYZAYdUXr5DZHJ0eURfEDL0zHLSQiH9KNbSbGWvsLIIuTXqgLBc4VbUDWAwvS09DWxT9TK8A6dwdxox565Bf_DaO7SbIOhC5Q_OncPEm9o24VHOkZJeenFZrQbsqz2bJXLN4N9zAGZohfwHMfZuz5SUHJ9g9uyHYVZ5FasdbWZKGSgIdpp77sNiFSgx0mKiERZlGQA727W-yGVPaHOhADwq2urOQXhL9ecbfPAEyy9ryeiqs1sVeY6OqKU-BotVk0v7fPZ2sQot7KOmSNl0o38Q1Qg4vcR4ZlJEi82SYelI0MHkH1pfm-QHcftRC5HXVlNhKSPET1QlafY4FJY8xrsbM4OxayU_N7XTbhAQml-3zOtn5MtPDawtYx8T0ox1SNaI_-9gGHuualH73uA8yoHkSQL88uXz7UTMzdSWn5b2eqlFcVpgv0wWVRqxj5LIKJkHLVU5b8NfeN31-QAREreLI_4ePjRx9Ja5Cqbzp8A3TSTNixzqUW_5WE8V3l_HuFqq6e33EVqSowtleSC7zCum-FhDnXkBlsgeF5N7RLtp4184nqR1FjQcIzEk_nPOFC7cH1UY7JQIJeDnJNO5FRl3BWaxFEWxWQePq0tjmRbJhMsWCAfDuimUZnQMmHmHKv2GkiDzOXg3hRkGkhCTU2bROIcYGgHhUPxDZtnUihnJC_fmnsvDee_yG5L3HLYUnT_L-qfsXyuGtt4O9le8GcP6nlUoGoZwTSZHu9NRO_dYmSCfS2e8Tmk8s6JVX8KV4Z-7ZNyDO_i1RXcOAQ0TZxcK76Fn0VvzoZe8Mmj0Adix_4-MIuJ1pOBzc3ZujO2mDeX2yR2puTDL3ZNB4bvfXTARSzcrt0ni7GAar_DvGgWm8hf3oLLiOtVudYFi49v_R1V70E-sTu0fHhhHDgUzEJHMRBuPk419sh1khALHzbY6NuSeYRFTY6ttrcqCpePs-l8F0X93BSGeMBSdC57SVXyAHdI3MevpWp3F0EfykWmlofF_z2NEYZnR2yt9ALv5cTg6gmuShKmmzOSXFpw8TH1E2Qm6mKXJ7xbAgfqQ5I2JKvBP9mng6XaZRhAPd-e9QBRvLFHBCDFYL27E5UWoZUm3shBPMkOsF1JVopI8_2UyC0IxlczwNTYzqOJVhbaZnPBLK-rwXik5QeiYJX2w-uFfxEm8rb6OkzZVd5XJ_QkfovMvtNnTt7CzJvIYH9meOtTKNkS2zEblPevOsIo4h03iQ8MG8g1ksRsnNCl1lWaobnRuzerQ&cid=CAQSPADICaaND1Z1pwx-CK2Bpeiaqarn5Hn99V3Vr2agCVE8wz5EMOFgyx_x2nLM2PkGbqpsKjAwdA8rMBEXQRgB&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=936159297289832400&adk=4022746785&idt=411&cac=0&dtd=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
27138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E0AF 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
106256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EEB9 		1 KB
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
7151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sun, 19 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E0AF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
013c7973a04a33fa5edb47608463a1d82cb93b38645018c9a1bba70f6ded998e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
yv
beap-bc.yahoo.com/ Frame 2DC0 		43 B
762 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=8649944298532119536:1700350560576&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=l1GEJabNhkkbZqwehfi7RDF0UR5V5qDNJSi2ssNhCwYsmZF-nsdSWZQpByaS4Ys77DOZNFv4zZTGfPRqnnFBj_7ZHuFDTu4VF-Qtr3ebt87pYbDywhaahVmHdEGP4e_6k-LtVaFlllgF6w0n9TqSc0eCb4UwNG7VtmPdJiD8xKoHA-lvoyl9i3ZnztmbH3avNP6vsOhtMqXDyXcPyM8pCA&iv=100&v=1&m=2&r=1700350563800&im=1&b=20&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside-20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 0E93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3921667393077596&bg=!4-Cl4K_NAAZxrfrxUa07ADQBe5WfOBOj_-z6ME7rf_mleWsbhXIDl8YgImLCIwlDjF1GY0tJH82x2e_sxDBo-oqJZz73AgAAAMZSAAAABGgBBwoALqMPjra0gMVGh8yS8IyLOSO2ctWNV0QWyNrJ7b2Y0BpQMa_zbTb2Mq59_SSXl9GZAs0Q7A1ibpu4QTDJtbYX8ld_3nW3f8aTye0J5vmrj-5BNle22zp_rrDJAI6WVZ2VvM2BQKGvsV9T4DegvFyFvrD-vzQDR35svkCH9jNn2h2Wfs6K1L_5fc7xFj3I1HIQmsEz7SIbUjOuV7hW7qhDgnJwFno9QaVvdJ-C5k8K09ndPCpYwBY8s4eosaZyA1kFRlnZC-G_FuJmypTLMxciEYv98W2ISka_-YHMIzX5NiONzH_p3mi9u4Lx_szBp7LDt91BsIu0GsG_qpiCR5rYl-eCQngQ35fUTIdpGYNjzEB1e56ygoXiTawyRPaJyWtqO4F248HRF-u7XTxw5jFb2CdyuXhhSzLkaWsQI9ckAmnqWXnnN7U93m9CDnLI6ZKhPNb1K66_XcjfN99s3Re7F__trek-7XOh_6pd94LkQZsw4Q8pej9mErUSxqVtk_vr5WTS3pL0oaBsNIIBXhBWBIdFJKfTyUXMuNnsgb1GBDEEMdoNoFnd5vWQhYDMJo-Z0xL_WoWTThlrSaDu4TQ8ciuZCfEXc3KCZQJGl4uV-SSYxYyEL0cXiGzKEUncOl9zt8d4wmiCjIdtjpG6jrYKqYuYntY7L7G4jKZQRP95gpakqmeD77KZ2MLDYG8xlGs9va7q7WqG_djjk98iyznyLWqMYVu670xrF_N2T4w0gAc7Bz7PESGGBFd5oiK7GGXAH79pr3J8vo2bAqPRt9kV3qnrbiVmYVCGEKYosaCrA-Mu0O1iQNkxiSVW4bTuXlUbnET2R-XOGmIR0iYBCX2LSpcHwybH4XlfcBCkHQDozeIcs5OKpetNb1FJifriDBt-un6Eno0TROmFlDdKSt8oVciQDEmZ17NsEnwyrtq9FG6_utDE5Le-FOD7GBAj4zPyy--JWbPWPimL8g7yFGyHCm4aFhWZi9q6YMW_2B4lsBvCJ1f63fzD7Af3XfH4GU8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 7925 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2KBKHLNdifM-mVyizx8p7SMBKTnlVouTacnJXhEMdzByW-FN1VcMRq25GGLt-7B2iPHyp_Se8pgrrjLRcv11V7ld-r7grcgSgeT8HNPCwD9TRVlMcz7x3OcvDPOjaVjHCT1CO6kkl9VTSqVaSs5wHDojksKoivrSQYfnaT0JEkhSLu5LoehThwVEJiFi_gLZ-T8Ftrj3hilvxvfaiM5sFFN8gQGtndVYozb8Y0ACC5GLh-Qj1Ug3zJMssorhZkQ034fqUoYTZ0Lb5mgLSSye4VorMSQ5bOwZ-br7ZZoq06dGKIteKgAttOTP0pfq3S8hGSiHruH_untNLlN48XEtdCK3Or-Sn3xCvf4JahYDOK7FZgIepm_9C9wcpLRGi9-pLIhbJk75eXhELm9vf9w9g-nGxiBpnr6J_RXNFcjw8fIOckbM3TYkg5d5OmqPObATIoh4bnbAGQMZ1je_luvyaJzPmP8az_dukbVN6g8FK0f9r-ep2aQCOSRMkDdZXRyPkLu11T2O__zIIFmpSYWaBb_ErJ8mT_Ry1rUCMERy3d9mbQGbPAaFZOou28WHOsMkUWmeH_rrVo2PbFEjNh4O7DGiySQr_dkcAsMzMTL-nOIR_HHNDMGoElrpwzXIrBNd675OAW42bV-sp01rw6xuKbNVL6_lSxisT2A3Kxh-oR9PlmDBSnxr7qG8ANa-Pv-_f7YRfHcHVkKCuCQj-cb45qnZ4AsMxik3RKGYJY8XYknoFrdayRbv1tnbQJl2BPp4p7hchXYiwiJEtlurACCAmyiZ7PTWKdAtWRwL2sHekLlzeSYzkqFuAPVQGrBqi4nHoqHllZdUyToN9A_sVYtVvNmKGt08Gs4wMao2r3-i4gIGadCTXvTJOQv71LSjNsuYf7B45SCky94CxOAUqC3JcXzY4ymqqh32Kj2CgTV94mHLPDvnB9zAM3JAhowU3eK8nMu-ziZmUr3M8K2psrrWdDc5vloGZZGXqKsM8qbDx7YVpJ9iLWNp_Tz14OzcaYaSpTbL6duub8pIxbFa7jQWOaYlAlaUbU26_xoUGrhz-NXDoQgehz5fUjGAfzaAibaps-SMSzAgApsyt6nu45cKuR0-Yg8NxW6zyCTC1BBsxisFqwqmu-jRhzlTKggaVwfhZAgeQ5xW9acwz7curzziSun5HH2TkvjZ1za2Q-1NeN1vg9_6-4ioS8AqQ8U7GBh2HErG6Tl6bytj6AZ7NWpqDcfGF7HM5CmQy4fSWqGCyEig4kGhmzKg53uK5F3g9C8x7j5cWWbwS08bMHkcCXKLNXRHMHmh_QvZzjaGsqMJG7h7ixaomna8aQMkFHrqXh_XoYafYzwjMtLJDx_TWChylaPG35kk7QeXBUx0IFfCrwxQM-8SlETI0wnwxEJ0COjF1WTjU_FnorhmnDSMuZ6S-k_zmOg0oFa_JqXKlDtqj_7HknM7mq0V4LGa4njIObzPhNCTSV_amsrycXGXuKCYEqye2AHQfSLE4zyFVaqm-yesVkuGJ8Nds_zp5Gu_2HjoIbzHzvP4d0Q8Li16lK3EcdD2T6h9jQP0VoA&sai=AMfl-YQH8fVWWjUOo0EimJvKxsvZxIyOiTtYbunFdAK8bGAuxrdsTkwZOrk-yZT7-MwFig07Bl8cDy2w3rigVlShtz8Psf6xouuArV8cH8HozrFBjb2BTcW9VhBpZxpFp5MrckzV8-GvhHZxJO6aXgzPejdUq-QKIoknMDnJR5wGO38AvK1ta1UzQHfIoNuRitbfLM2mgdVP1GcDcUpKfPQyBGjKfkAWYrL2ESSgaFiw7KgfAw09JlLKzmCtDfG0eWnUlOvqp5WGkgZUeawnrECZZAUAthqjAE-t5w&sig=Cg0ArKJSzAFBMj5mzzQwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1453&vt=11&dtpt=380&dett=3&cstd=1444&cisv=r20231109.45036&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html
s0.2mdn.net/sadbundle/2424957407877660672/ Frame A27F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
16451b410da7e2e5795bc39384f40bb5da9c5049519689afeb4b936a4ec7f6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
87369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:19:55 GMT
expires
Sat, 16 Nov 2024 23:19:55 GMT
last-modified
Mon, 16 Oct 2023 09:15:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame EBA3 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
9379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame EEB9 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFwDFBaOF1Bl3hjINod0jhI&google_cver=1&google_push=AXcoOmRnnOVoGhorvP8KO9nPfLOcwTjp4GztCOSUz3_oDjPg6DgYrD10Kf4uvr61X_CxSNJtmIq6QfMO1XqgHOvjDjvI7zwMSZg7gmYVshPWQhdT0iTWZUCBc5L17dAAE9XcJ1Us0NMPzX_h5QTWvt61uKk8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EEB9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFkgJUwLV8-bbR4kkgna4KQ&google_cver=1&google_push=AXcoOmQZ3EBOe2-3BfPPTX1WYaqN0UaZR1P1Vh_9bixe6J5abtr46XjB7D1hTuQixiHXzSJQJOeMnsDrR872eHZlKX7a...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQZ3EBOe2-3BfPPTX1WYaqN0UaZR1P1Vh_9bixe6J5abtr46XjB7D1hTuQixiHXzSJQJOeMnsDrR872eHZlKX7azyHEqShFoCPou40Cj9cjYBrQ6qps4PUdDVxO5rUdYO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQZ3EBOe2-3BfPPTX1WYaqN0UaZR1P1Vh_9bixe6J5abtr46XjB7D1hTuQixiHXzSJQJOeMnsDrR872eHZlKX7azyHEqShFoCPou40Cj9cjYBrQ6qps4PUdDVxO5rUdYOT-nM9TswL9oIyGg2aNvH9p&google_hm=jfzO3WaKRO65XtNJ_Bf6dg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQZ3EBOe2-3BfPPTX1WYaqN0UaZR1P1Vh_9bixe6J5abtr46XjB7D1hTuQixiHXzSJQJOeMnsDrR872eHZlKX7azyHEqShFoCPou40Cj9cjYBrQ6qps4PUdDVxO5rUdYOT-nM9TswL9oIyGg2aNvH9p&google_hm=jfzO3WaKRO65XtNJ_Bf6dg==
date
Sat, 18 Nov 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame EEB9 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRaQfxHpPNQGte9px69jDDpWct8uhVpN5HOqdlwHXKtYtuD9k9yD-iX-T9GBUSkmJ55UVbzjif3E7XbB4g5oZ5ZR0JpQK9u8kzYl-PfiC7D3L9tIbvdmuGYAgf1xKbS_hYp38oJDRC1NSrj6EIN_Rn7&google_gid=CAESEFegSGhxYfVVx7S5jM1wFcA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
360658
expires
Sat, 18 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EEB9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHYWuCv3uLMO2eJp5jkIZWc&google_cver=1&google_push=AXcoOmS2I_jl_j0jJj_SB8_UQ0OjwRYi1-eOdqKItSz7IcGvV9T66fxHBKqwEog3RuJ7qVIWt49KnrR28HNTbcF...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TL1JPcKpWDx4iKgRhMZumx-kP1Y&google_push=AXcoOmS2I_jl_j0jJj_SB8_UQ0OjwRYi1-eOdqKItSz7IcGvV9T66fxHBKqwEog3RuJ7qVIWt49KnrR28HNTbc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TL1JPcKpWDx4iKgRhMZumx-kP1Y&google_push=AXcoOmS2I_jl_j0jJj_SB8_UQ0OjwRYi1-eOdqKItSz7IcGvV9T66fxHBKqwEog3RuJ7qVIWt49KnrR28HNTbcFkcCdp3Nq3TiIaKmnBsrYMKq3qlKff54qhXnMoy2kFeMCLxoIYwrQdkeMPkJ54Jw6mZPy7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TL1JPcKpWDx4iKgRhMZumx-kP1Y&google_push=AXcoOmS2I_jl_j0jJj_SB8_UQ0OjwRYi1-eOdqKItSz7IcGvV9T66fxHBKqwEog3RuJ7qVIWt49KnrR28HNTbcFkcCdp3Nq3TiIaKmnBsrYMKq3qlKff54qhXnMoy2kFeMCLxoIYwrQdkeMPkJ54Jw6mZPy7
Date
Sat, 18 Nov 2023 23:36:04 GMT
Connection
keep-alive
Content-Length
298
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame EEB9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOwRQGLbovWMvvS6HDXrg4c&google_cver=1&google_push=AXcoOmSu3Usw1UAeJORmoBUZB-gSSde_wJIRuXsIKk6D33N701wCdFPFYdsFynOJaPrhNxfoRjn...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=AXcoOmSu3Usw1UAeJORmoBUZB-gSSde_wJIRuXsIKk6D33N701wCdFPFYdsFynOJaPrhNxfoRjnyDSKJY9cNyCeiEwJBKiGi47xP732LU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=AXcoOmSu3Usw1UAeJORmoBUZB-gSSde_wJIRuXsIKk6D33N701wCdFPFYdsFynOJaPrhNxfoRjnyDSKJY9cNyCeiEwJBKiGi47xP732LUjrS967_Hi6wmKFVvDkEG7EL8JVwiqaGDrId_fKQjdj56jcMPM9X
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA0T1RMVUYtRy0yUFVB&google_push=AXcoOmSu3Usw1UAeJORmoBUZB-gSSde_wJIRuXsIKk6D33N701wCdFPFYdsFynOJaPrhNxfoRjnyDSKJY9cNyCeiEwJBKiGi47xP732LUjrS967_Hi6wmKFVvDkEG7EL8JVwiqaGDrId_fKQjdj56jcMPM9X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame EEB9
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHKKQU17KEa_2BDy-YkOz-Q&google_cver=1&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiBdsMq76D...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHKKQU17KEa_2BDy-YkOz-Q&google_cver=1&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiBd...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=enQq9fIzQ1-oKIOyKOg63w&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=enQq9fIzQ1-oKIOyKOg63w&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiBdsMq76DL8-qonoQhMS_4BCKWVhBRd_yBTnZSWjNNx-wlqcJgjZtOCW-ut2fw8p8ckdmop
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=enQq9fIzQ1-oKIOyKOg63w&google_push=AXcoOmQnyvTmGnYCmF4a1F7JY62cUALcfoKbis8MbOAZXuXueiRyfqNoZAZozYYkXx0CU_XP3uspCrLNbc77aiBdsMq76DL8-qonoQhMS_4BCKWVhBRd_yBTnZSWjNNx-wlqcJgjZtOCW-ut2fw8p8ckdmop
access-control-allow-origin
*
date
Sat, 18 Nov 2023 23:36:04 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame EEB9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFidyT1tA_3UzzlFTROX8ok&google_cver=1&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_Id9-ntMV8neuR0C92QzqxEmnXCwfQZ6Cr3lfcLNRuRc...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_Id9-ntMV8neuR0C92QzqxEmnXCwfQZ6Cr3lfcLNRuRcZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA3ODAyMTYxNDk3MjQ0MTA4NTY2OA%3D%3D&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_I...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA3ODAyMTYxNDk3MjQ0MTA4NTY2OA%3D%3D&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_Id9-ntMV8neuR0C92QzqxEmnXCwfQZ6Cr3lfcLNRuRcZ7nos5OAc6rwAYOPEXNBpbvRDTIab2Z0o5XOjUtlilM4ulmR744wkn2Wtb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA3ODAyMTYxNDk3MjQ0MTA4NTY2OA%3D%3D&google_push=AXcoOmSwpSh2myTQ5sgOVDernizTARsjtjv8Rcg9gKaxoXWWSB3lNB_Id9-ntMV8neuR0C92QzqxEmnXCwfQZ6Cr3lfcLNRuRcZ7nos5OAc6rwAYOPEXNBpbvRDTIab2Z0o5XOjUtlilM4ulmR744wkn2Wtb
date
Sat, 18 Nov 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame EEB9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KszqAtbKrRvY1WX3ztUA8k-nxzZSKOi1ABt41o9S9ywGrZvfEhzH39cbDM1G5FnL7RV2G6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame E0AF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvz0VbsT0D2kRKWs9OPJZPiEy0bC0rpgpMkPqpgtyZtH_tkV_rdcLuzir9GsOuNgprr2T_HiOvbDz8gdiIyMV4cTuUULU3h0Snpu5esJL59MtCmIUKxxCdRBz3BsxB3cWydHP-dSGPz7DaEo8WeVIBtRCADoYehllOF9ShmNAr_rbqZcdruHnFxyNnjQeJIyBUurPBwD_EI3WY0Vok9iLfMuPa9EWtgVBSPMz6Noxr5H4liKCchh0ae6O0U-3bbzyBDrlhdaemnU8HlaNj0n_nivq74RI4WauvsWWTi6jc_pn7-Vlc63hB8gtXRYxRMsOH6jR3F_FdxVf2kQ4l4jA-8LhUAK4PqUpouBoK-sgJIrGo1bO9M80_Y4qMrLiyueaOzxewDNzp4290PGiZ83k0OvBgHWXOIivbnfzpAtudqU9LM8JWUQjcc_EjUWnPgUeSa2vPiD7svlNAkO2xOOXQoH30xS-3R6r_mRJU-RtJ4uJdlqDgfpsL9n4VnITcRV_H9n19PwdrOPSzIwI37mgAeMwTczVwyyF5LXGFSZg7pdjlB-eOQ7s1mbaADdA0qswiWUL1a6HFn983fr3xyCYgaKtr7RnPR5zDFXOkNMz6X0-nHS8GJ2n9Ju5MHEpvrgRWp7ma8vKs0fmrFQ9X0v8sUgL5mrSXTGpeHC406Gyym-TIakT7lMnfc3Ag685IRZCzhZIxd6S3mYXB6ccIadxGCw7bli-hr-_8sMyZP74ywTsDDMdQtv7EHEGVIBn6AY4a0_4xq4CDp0pvQENKUAmHwcn95eC3FbHpsAwVF6NqMKhjtm6AvDV81E7iV_gzoooxtOWmoo59PRpHqqXHcF7GaL8ofdShKQiP7Fey5zV_isG8pwffEWO7WAbZpOam7nSluNa_wRsBeMpj0iksv9uZrAgvDmZ0V59HkY8PsjmmCoCAab3ocwIVRtAXCs9MbtQEgyinDF4k1BNk6IbkIvGm99CEfQhjdkD4zLYR-HWvZ73vMR1brH3kYh5W_TeA49C1DjjGmfN8BTeQam6uaIOs9uFL-o8grcWiiiJfYsFSn9NdrF_o4sRKklYfz1PXoyTZC8W1gjRqWnepsJKU1RfRtaUdXKhQ4JdBv2WUz4c9lOMmPUfbs0oG-YbR20-B8nBhzLA_AjBxEp5vavKQMmh-PuJLKvxFfqs0RUtV-n4_C1xBGadZnQadKvvVvisORdzzpzBmNAmnhqDNhFnwJZy0isRw2gXrEuIbAK8SUqpxBvFpo93yWkLScJeJQtwXOYcIOhOm1C0KFuAkN0ZTvwR32BdYJPtf7lWg4OCC4LUOpE8S1jlvqEttZOW6CS3CvN6LuZLE4mjS5hjs-QYbQ3eR9tbF8XDFpK1-PDPPoebYCpah7IPAxNedOMLTWpKTw-_2ZiHtLZUNTV6fRw5Z23fLAf0Ctd88YCVVD0KSvFq-aOIgcfXdAVn_AmT_RyJDX&sai=AMfl-YSejLCrQhmf997UTIfgDLld_JLDrtA1peU07XqCMHevCBBKFLBeUUBc9w9WKCsBxixyDjFu1VqARs9YHXJNgcvK4FbpZ-iGZWmUxojKssOKPhoe5oUV3wLoMz0Jh1CuJg4rd-jxDuQJe_z-vXy3M53lLH3VmgZSEkpWoMM2dW12pA6KUXwZQ6jokFb29PUmeZ1MCFZDQixX8Fpm5LKx2EZ4xE_tETmOe0db0GRqT4JR4JqKc0fd7Hn5FU8pFxV9LDqLGCQVFAu9lXD76-3zIW6vLC--q4hHPA&sig=Cg0ArKJSzIK7JLuwhJGdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=405&cbvp=1&cisv=r20231109.00441&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 23:36:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
3110774897785655514
s0.2mdn.net/simgad/ Frame E0AF 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3110774897785655514
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
6957f45417898b78de3f5589aecb5d5c30dd17280c97964754394db3062a0733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:30:44 GMT
x-content-type-options
nosniff
age
43520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16494
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 09:15:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 11:30:44 GMT
652cf45a843eb9eeda7667d0
c.bannerflow.net/a/ Frame A27F 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssgYFSkG4x3HfXnznKdIWUPfbItukX0WwsJqb5zL3iZAJyC-_fWJjeSsYK40E6sBAjvNnUdSG-iJL_0UJvcstcZLJ_xxysRZglrGjgxqr4hm8s_Eyqq5yUVgDbXOAXPMAUHAf_Dr2O4fyTq_FOMGoLuVRTabH1kx-5a64PDAm4qxEgGOIYPuKezqX-O361scGtCx1n0Zojit4Yp-nbqytb-IkWimJ4T2u0b7MjztUzF0mZUU7sedHjjneaRsAyLGk2iApDMK_VIVhF6IoZD2wzlsZoGMJoY5kgEfBov2duD4t5Pgmd4S6Lnv9kcgpKmLP06Dfw0Y4mQz0xNiyUgMWuvAkSCMGv7QTQUKDcJN6b4dBbqTt_9ocCMMX92jmr7G8u0QDlqSxQbN06NKd3kj_aktaI8R-AriMgErKf7Uyv0xJA7h3dRwK2HR-AwUytACn9NNuXK12IAKijRrQmR8zXuy_LD6bap0U88YQwdTTFuChVzYmtuulm0sHuajtWnCxUaWCAFoFDnyu0EKbfKWpQzh_cLkztqG08dkJ1OVGQQkoK1EuUHa6YDrkpU704rRLCSFfG-PJ9PQnomb7R_-lb-unghUxTIJ5xIFsiiTfntJppZX2kUMRmEcgNETmOKKWHz_PpMXLZWX9ChK5-RWCRSgU85L4DORqfBP2K_5AZ1wqoZSGlZeQ26U-p4YUg9Psd0tAqboCJffhWZrlIpk2ZYJFaS4w3ur5cUp3dNEY1H4sl8tVmwOZMSQiHCGKT_Ajw9uK0HFQ7UsYO2h-u5oLPXlHEdkWBAcRfOwxrXU1SRrSwbHUAgua1VbSzjrhbZaf41vuHAWfCXzEoPoRczaJR4Kyb-t-zMSqBrvX2NtTLpBAvtRjq1JjPwhzR_M5_oe2sf9YqMA9E54ZsB6CTmxstVZWAp72u0gu8IHC-aMN-VvnCB_bRwK24qzC6lN9eQS13MtjEE1L7Y8B-A-5Cb1_7rqNvXVw63K2lloPXmp0dIL_-3M4Wp-BRMtC39pXdc15tCiaM9RaR8D4P-lwTfOeu3iTGcMZGVDHCKGSgm_oI0Ipnsuq7UHALlZ_YcmSsQ4J1kE0H9bGGgUZ4Klw7K7nE5stykRX4sqgGy9fr3obSJ6cmo5TwpuOidZCoW12ncWHEo3PlkqhzvvQv_NCAZQkzBwn--FM7HXoHP1HKt6K-irzTQWaC8MiZQYHL7Tmo2R09DM8OOEPp4cIY0w-RIP5I_WWz-Lf8z1hs4Xlvr3N0OPN0UT62gDdi2iEfNaG6VKQ6ZSAlTsMSCC_9oflTJJCeqplUxU4IaZZp-wQO60vFULR-l5hC5AhxRcROBe2rPrG_xnyPktg_QMny567i4PuQU1QFQcPwiLSqcCPoSzuUzfyM7IINx0T8exnemSHewYxh7P-rtwzQEDTnGMxFzGKa87UtKdxDNXsoxA0MAqoWu_nFRyHhxuzCi4b8quJzrW_SqKKUGMsc8aahggUKh0dIr76OF-k-ZABREKm_aKhgz7ko76fXEZH9fUl-i_L2hDrvGauVZZJMawwwYoKxdcIZi0IqRTrsBz6yj%26sai%3DAMfl-YQoyfgnwWRYB_wiayejHfQZsXdVlhHFxUWQk6FUxtbvrt3NZ9VgoIspFLTibalwp4D-dnPxE1L4hGpqsi8c65tMpy4V1cSA6YgRxhEMCjfUMq19thsVEDo33MgeX9VILysSPGIWUOOuI5MQu-YKrkXrmSAgV8HNmOzrGB-Ip34I2ex2ocE-Brtr_cQia0v9lnLSFBBdWT0cGIxNZHXdi-6nBUX7mRtccEu9pB_kaPSUac0FIVb1HKC_BxLr1B22uH_dxusKmF89FHsp8s8up-YMLnkvIRpkd72cCwsnrl8i%26sig%3DCg0ArKJSzPSuX8ZDVInUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e690b007a72c30a72e0eb7618678874d0b3fce48c83af10e6f974d4e9e6a0754

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 23:36:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
828408950b2b020d-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame EBA3 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
30598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 15:06:06 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 18 Nov 2023 23:36:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
300354
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
216818
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
a0e1eb4e6b7c361b6dd9fad9b9b7f7f29bacff9af033586fa160ca87b963c707

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 18 Dec 2023 23:36:04 GMT
checksync.php
contextual.media.net/ Frame 8F26 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8529
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
Mon, 20 Nov 2023 23:36:04 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 25F2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
53338
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Nov 2023 08:47:07 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-id
PpZf0dFydvJ2o-O9HusuTErTY0qBgTYESCfOmnTexSnc8WxzzcB5TA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
csync.smilewanted.com/ Frame 2AA5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82840892fb5801b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
server
cloudflare
vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame E0D1 		653 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4db4ddacb422af8d8f029f69797b2400e008d192bf8d3ff23d128195f4be9060

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
415
content-type
text/html
date
Sat, 18 Nov 2023 23:36:04 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 6818 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 18 Nov 2023 23:36:03 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
usync.html
eus.rubiconproject.com/ Frame 73CE 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:36:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame F7DB 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:04 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame A81D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 18 Nov 2023 23:36:04 GMT
ETag
"623de86a-cf34"
Expires
Sun, 19 Nov 2023 23:36:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
ixmatch.html
js-sec.indexww.com/um/ Frame 5BA8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
142
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82840892f9f324c4-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
Sun, 19 Nov 2023 03:36:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0EB4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700350560726
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
ea12fd067f88b92064d51ff4fdade5a18641064019a41376ddaf783ecda6756e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1217
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.js
eus.rubiconproject.com/ Frame 73CE 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34555
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:59 GMT
img
sync.mathtag.com/sync/ Frame 0EB4 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x7 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:04 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x7 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sat, 18 Nov 2023 23:36:03 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0EB4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0EB4 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 0EB4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 0EB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame 0EB4 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 0EB4 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 0EB4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 0EB4 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350560726
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.207.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-207-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame EF1C 		0
0
sd
us-u.openx.net/w/1.0/ Frame E0D1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EaHVHhP11hYK8NVGF6bNREL1hhUKodgeFPafKb48
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EaHVHhP11hYK8NVGF6bNREL1hhUKodgeFPafKb48
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EaHVHhP11hYK8NVGF6bNREL1hhUKodgeFPafKb48
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E0D1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1407869859430572812
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1407869859430572812
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1407869859430572812
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame E0D1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=dbb84707-ffb6-c33b-3682-026052aa7d0b
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5MC6AH9VJMTHCM2WC2KZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame E0D1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=836e3b7a-e31c-78c1-f68c-80f73a99b6eb&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E0D1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYwMWU4YjAtMmE2Yi0yNjY1LWUzNmMtZGE0ZWYwN2I3ODhi
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E0D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq4XBPGbEcNCtt_yCj8cC0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBA3 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BG1GZY0pZZbP9Jo7B9u8Pg5CqsAYAAAAAOAHgBAI&bg=!QkGlQQ7NAAZxrfrxUa07ADQBe5WfODjvVRTce_ShRv1FVFANrFEGpPnj7eOWASHn8AApiC0Z71Z_fiWWF4Hb7CKeW7eZAgAAAJJSAAAAA2gBB5kC7XHIdypDYYC1UTTbwLALtsj6ujOeTA-NiK11xkgeknWfALXz5ASRYMk9MA-Hvoh8jAveReIiv05uwnL_JQZPC6nQTXu_jB-Y96Q4c_bBtCI8m6-RO4UR06_jW6vvA9RYtnpdEBrYl097M2UdvMSKpBO9s-db-n2nch4_tTgyLIPUoaSGfJZUCBrMU0Q43qQ51QZWV36YkFcrdK3mPdpTSezd8XGqebdmyqy0XkuV6cgOUnmDEbSExXA6fHjkSyMXg-R4vDKOVwR12gmxxZx1MyjGi0BSJyELM3YgyzRB1PbCnN4KNxV5ZgeyS1-GH5BQjX2wqK8BP0FfcGtFu_Xq9vFXD_O0IglkS3kPLmXC7qzYtwX9v6g-sbgXjNrzln50S5uZGvEXHlqNR2PUeGXiarvXCpSxy4rE0F9DDhIkPNrgYW1yNMnYs1oAkBRgLqNqjlyJExr42xSd1eF1Yp6jYtt9Mtu8UhuiE3Xc_68wdfx-bLZ8e2WcxEIfQXaHjXdtIKJ3KiXJV2uze6fG1KjeiIKgb7QYUxuwYXBH0AquY6n7w4NbvjnhzSW79Ov5KQNtSO8lKn_JXp_OpkQXY2RSSiVhsbWcVeCeuotzYQPVLivRhTN_8bVOsq2_HWci1evKvcBzFshSTgL99GHGXbgwXCaPQ1fQZoo5b5L_ovuuyLpry4MisjA35ISK9gC-AR2NGSEFG9IGQHwUzAi179rrqwCEjPHhexPSwAFGHO_ievVd1RB5-GQZQU2xmkFnsyI5uJU1zYJ0tgwEbPhp2OtnGnnrpu-RwP5_vD7l85E9S_yYhHYJ20g-UGYo2hwBVUXktbFdOkiMpWX5O47sien2AQ4_OdONDFqAeedxXcJIhS_bnn6K2aDY9-G4vVP_K1m7AbTDe4oaCTS9IvIKADjkYpkWnSPGkv442FS4aetyz11YcfS4vozqMcGGtcMwH-uyXuqo-nduXa0_6anRXfx1jMnTSDK2tmVPM6LLm2nb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700350562&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700350561992&bpp=264&bdt=1441&idt=595&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&correlator=3201706815534&frm=23&ife=1&pv=2&ga_vid=1109969163.1700350560&ga_sid=1700350563&ga_hid=953001889&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3458&biw=1600&bih=1200&isw=336&ish=280&ifk=221046697&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31079606%2C31079628%2C44785294%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808285%2C44809056&oid=2&pvsid=2282773991025286&tmod=1356114989&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.8zxxrcrtx5s0&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2AA5 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
3168880
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
828408944c1e01b7-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
13926
g2.gumgum.com/usync/ Frame 0460 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.158.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa58fff3fb75a00c0a107c1b2e58c05e1d8d4cdaa82a0ec379cde47e53e19fcf

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
etag
W/"06ea815cddf51094e8f8fb94a88f4f9fe"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 5B90 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
72153d15f8cbe7d72aee6702366ad511156c8ffa198b94cedb47aab2304a9948
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1170
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 5623 		1018 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
051017bee0e2fa0b44f50a2e5bafdd60d8b8708ce68fa1e86b260a3e8fe7b99f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
1018
content-type
text/html
date
Sat, 18 Nov 2023 23:36:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A0C6 		0
0
usync.html
eus.rubiconproject.com/ Frame 65C1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:36:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4AE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=104154
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
Mon, 20 Nov 2023 04:31:58 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 3117 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
89e366ab900223d921632837c0ecd38815ea0c3b5b2fdba5ce3638c7c1d51f4f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Sat, 18 Nov 2023 23:36:05 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
w04rDqdepPe7Rg9iMQU_r0-Xngr9ZJsjmkgBc46r_xDI0Q_47jBmRA==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame BC54 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sat, 18 Nov 2023 23:36:04 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 8EC8 		557 B
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.85.125.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-125-66.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
2795bbc910c93e272c7b9efa35a0b48b0d8df173c153988f2907513f000c0da8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Sat, 18 Nov 2023 23:36:05 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7912481373650271753
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7912481373650271753
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
an-x-request-uuid
914e6753-a6f7-4c6f-a469-65cfc2511838
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7912481373650271753
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HreopRZH2MxDdztuQ36MVDKJ
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HreopRZH2MxDdztuQ36MVDKJ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HreopRZH2MxDdztuQ36MVDKJ
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 25F2 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Nov 2023 23:36:04 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=6631158481
  • https://sync.1rx.io/usersync/turn/4130517591434833021?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-22ae08b3-f0d1-4620-87b4-43f858a36259-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003
date
Sat, 18 Nov 2023 23:36:04 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX22ae08b3f0d1462087b443f858a36259003
content-type
text/html
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210828214939098
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210828214939098
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210828214939098
Date
Sat, 18 Nov 2023 23:36:04 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=e3ee8dd5-862a-4724-9f50-268fcdbab9f3
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=e3ee8dd5-862a-4724-9f50-268fcdbab9f3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-165
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=e3ee8dd5-862a-4724-9f50-268fcdbab9f3
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Sat, 18 Nov 2023 23:36:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-aa4f771b-045b-3186-8546-192d8f7763c6&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYTRmNz...
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xO...
  • https://ssp.disqus.com/match?bidder=29&buyeruid=tgyFQHDwdN34&r=Cid1YS1hYTRmNzcxYi0wNDViLTMxODYtODU0Ni0xOTJkOGY3NzYzYzYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-aa4f771b-045b-3186-8546-192d8f7763c6
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-aa4f771b-045b-3186-8546-192d8f7763c6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-aa4f771b-045b-3186-8546-192d8f7763c6
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 25F2 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.228.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-228-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
sync
ads.servenobid.com/ Frame 25F2
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 18 Nov 2023 23:36:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sat, 18 Nov 2023 23:36:04 GMT
async_usersync
ib.adnxs.com/ Frame A81D 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
an-x-request-uuid
a6a5a714-47d4-4b94-80ab-931f7d587db2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 5DA1 		0
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82840894fc8c01b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
server
cloudflare
vary
Accept-Encoding
2137512993614211217
csync.smilewanted.com/set_partner_userid_get/smart/ Frame FF09
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/2137512993614211217
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/2137512993614211217
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
828408979e6201b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:05 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/2137512993614211217
img
sync.mathtag.com/sync/ Frame 5B90 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x12 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:04 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x12 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sat, 18 Nov 2023 23:36:03 GMT
/
onetag-sys.com/match/ Frame 5B90
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LP4OTLUF-G-2PUA&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LP4OTLUF-G-2PUA&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LP4OTLUF-G-2PUA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5B90 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=ogWCJu3gGukqT3frb1AaryFhAb1Bws7sXUVL4MBhciY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 5B90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Pug
image2.pubmatic.com/AdServer/ Frame 5B90
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJexMONvz0N-CuyApZASTg&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJexMONvz0N-CuyApZASTg&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:36:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJexMONvz0N-CuyApZASTg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5B90
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 5B90 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 5B90
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e0b8254e-28a9-4723-81aa-4f41505f2a4c&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 18 Nov 2023 23:36:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 5B90 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=ogWCJu3gGukqT3frb1AaryFhAb1Bws7sXUVL4MBhciY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 5623 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2137512993614211217&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5623
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjEzNzUxMjk5MzYxNDIxMTIxNw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 5623
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b185c02e30
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b185c02e30
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 18 Nov 2023 23:35:05 GMT
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
60
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b185c02e30
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Vl3LBfM-EIPBKieFNFPa2VgP4m1QpaJ-yDJUISor_6G3Hu_L1DzNqg==
/
rtb-csync.smartadserver.com/redir/ Frame 5623
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09d12204009edc3a9589dae6&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09d12204009edc3a9589dae6&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09d12204009edc3a9589dae6&gdpr=0&gdpr_consent=
date
Sat, 18 Nov 2023 23:36:04 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 5623 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
7912481373650271753
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 4CD9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7912481373650271753
0
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7912481373650271753
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82840895cd4501b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8d18d22e-305b-4703-a9f8-0af401f0700f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7912481373650271753
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 65C1 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34555
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:59 GMT
LP4OTLUF-G-2PUA
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 4D14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP4OTLUF-G-2PUA?gdpr=0
0
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP4OTLUF-G-2PUA?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
828408961d7201b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP4OTLUF-G-2PUA?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
66ef90d06496cfd000aab8206f2b6221
content-length
0
widget.73803a8d9d4f3ba312b4.js
c.bannerflow.net/scripts/ Frame A27F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssgYFSkG4x3HfXnznKdIWUPfbItukX0WwsJqb5zL3iZAJyC-_fWJjeSsYK40E6sBAjvNnUdSG-iJL_0UJvcstcZLJ_xxysRZglrGjgxqr4hm8s_Eyqq5yUVgDbXOAXPMAUHAf_Dr2O4fyTq_FOMGoLuVRTabH1kx-5a64PDAm4qxEgGOIYPuKezqX-O361scGtCx1n0Zojit4Yp-nbqytb-IkWimJ4T2u0b7MjztUzF0mZUU7sedHjjneaRsAyLGk2iApDMK_VIVhF6IoZD2wzlsZoGMJoY5kgEfBov2duD4t5Pgmd4S6Lnv9kcgpKmLP06Dfw0Y4mQz0xNiyUgMWuvAkSCMGv7QTQUKDcJN6b4dBbqTt_9ocCMMX92jmr7G8u0QDlqSxQbN06NKd3kj_aktaI8R-AriMgErKf7Uyv0xJA7h3dRwK2HR-AwUytACn9NNuXK12IAKijRrQmR8zXuy_LD6bap0U88YQwdTTFuChVzYmtuulm0sHuajtWnCxUaWCAFoFDnyu0EKbfKWpQzh_cLkztqG08dkJ1OVGQQkoK1EuUHa6YDrkpU704rRLCSFfG-PJ9PQnomb7R_-lb-unghUxTIJ5xIFsiiTfntJppZX2kUMRmEcgNETmOKKWHz_PpMXLZWX9ChK5-RWCRSgU85L4DORqfBP2K_5AZ1wqoZSGlZeQ26U-p4YUg9Psd0tAqboCJffhWZrlIpk2ZYJFaS4w3ur5cUp3dNEY1H4sl8tVmwOZMSQiHCGKT_Ajw9uK0HFQ7UsYO2h-u5oLPXlHEdkWBAcRfOwxrXU1SRrSwbHUAgua1VbSzjrhbZaf41vuHAWfCXzEoPoRczaJR4Kyb-t-zMSqBrvX2NtTLpBAvtRjq1JjPwhzR_M5_oe2sf9YqMA9E54ZsB6CTmxstVZWAp72u0gu8IHC-aMN-VvnCB_bRwK24qzC6lN9eQS13MtjEE1L7Y8B-A-5Cb1_7rqNvXVw63K2lloPXmp0dIL_-3M4Wp-BRMtC39pXdc15tCiaM9RaR8D4P-lwTfOeu3iTGcMZGVDHCKGSgm_oI0Ipnsuq7UHALlZ_YcmSsQ4J1kE0H9bGGgUZ4Klw7K7nE5stykRX4sqgGy9fr3obSJ6cmo5TwpuOidZCoW12ncWHEo3PlkqhzvvQv_NCAZQkzBwn--FM7HXoHP1HKt6K-irzTQWaC8MiZQYHL7Tmo2R09DM8OOEPp4cIY0w-RIP5I_WWz-Lf8z1hs4Xlvr3N0OPN0UT62gDdi2iEfNaG6VKQ6ZSAlTsMSCC_9oflTJJCeqplUxU4IaZZp-wQO60vFULR-l5hC5AhxRcROBe2rPrG_xnyPktg_QMny567i4PuQU1QFQcPwiLSqcCPoSzuUzfyM7IINx0T8exnemSHewYxh7P-rtwzQEDTnGMxFzGKa87UtKdxDNXsoxA0MAqoWu_nFRyHhxuzCi4b8quJzrW_SqKKUGMsc8aahggUKh0dIr76OF-k-ZABREKm_aKhgz7ko76fXEZH9fUl-i_L2hDrvGauVZZJMawwwYoKxdcIZi0IqRTrsBz6yj%26sai%3DAMfl-YQoyfgnwWRYB_wiayejHfQZsXdVlhHFxUWQk6FUxtbvrt3NZ9VgoIspFLTibalwp4D-dnPxE1L4hGpqsi8c65tMpy4V1cSA6YgRxhEMCjfUMq19thsVEDo33MgeX9VILysSPGIWUOOuI5MQu-YKrkXrmSAgV8HNmOzrGB-Ip34I2ex2ocE-Brtr_cQia0v9lnLSFBBdWT0cGIxNZHXdi-6nBUX7mRtccEu9pB_kaPSUac0FIVb1HKC_BxLr1B22uH_dxusKmF89FHsp8s8up-YMLnkvIRpkd72cCwsnrl8i%26sig%3DCg0ArKJSzPSuX8ZDVInUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
kV2TaSme3zjoMC7eKEPqvg==
age
1468956
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Apr 2023 08:06:09 GMT
server
cloudflare
etag
W/"0x8DB35AC9D3707B1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0700ea23-b01e-002a-621b-0d3236000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
82840895ac63020d-ZRH
document.000000113A6B2E.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195010/5405215/ Frame A27F 		59 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195010/5405215/document.000000113A6B2E.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssgYFSkG4x3HfXnznKdIWUPfbItukX0WwsJqb5zL3iZAJyC-_fWJjeSsYK40E6sBAjvNnUdSG-iJL_0UJvcstcZLJ_xxysRZglrGjgxqr4hm8s_Eyqq5yUVgDbXOAXPMAUHAf_Dr2O4fyTq_FOMGoLuVRTabH1kx-5a64PDAm4qxEgGOIYPuKezqX-O361scGtCx1n0Zojit4Yp-nbqytb-IkWimJ4T2u0b7MjztUzF0mZUU7sedHjjneaRsAyLGk2iApDMK_VIVhF6IoZD2wzlsZoGMJoY5kgEfBov2duD4t5Pgmd4S6Lnv9kcgpKmLP06Dfw0Y4mQz0xNiyUgMWuvAkSCMGv7QTQUKDcJN6b4dBbqTt_9ocCMMX92jmr7G8u0QDlqSxQbN06NKd3kj_aktaI8R-AriMgErKf7Uyv0xJA7h3dRwK2HR-AwUytACn9NNuXK12IAKijRrQmR8zXuy_LD6bap0U88YQwdTTFuChVzYmtuulm0sHuajtWnCxUaWCAFoFDnyu0EKbfKWpQzh_cLkztqG08dkJ1OVGQQkoK1EuUHa6YDrkpU704rRLCSFfG-PJ9PQnomb7R_-lb-unghUxTIJ5xIFsiiTfntJppZX2kUMRmEcgNETmOKKWHz_PpMXLZWX9ChK5-RWCRSgU85L4DORqfBP2K_5AZ1wqoZSGlZeQ26U-p4YUg9Psd0tAqboCJffhWZrlIpk2ZYJFaS4w3ur5cUp3dNEY1H4sl8tVmwOZMSQiHCGKT_Ajw9uK0HFQ7UsYO2h-u5oLPXlHEdkWBAcRfOwxrXU1SRrSwbHUAgua1VbSzjrhbZaf41vuHAWfCXzEoPoRczaJR4Kyb-t-zMSqBrvX2NtTLpBAvtRjq1JjPwhzR_M5_oe2sf9YqMA9E54ZsB6CTmxstVZWAp72u0gu8IHC-aMN-VvnCB_bRwK24qzC6lN9eQS13MtjEE1L7Y8B-A-5Cb1_7rqNvXVw63K2lloPXmp0dIL_-3M4Wp-BRMtC39pXdc15tCiaM9RaR8D4P-lwTfOeu3iTGcMZGVDHCKGSgm_oI0Ipnsuq7UHALlZ_YcmSsQ4J1kE0H9bGGgUZ4Klw7K7nE5stykRX4sqgGy9fr3obSJ6cmo5TwpuOidZCoW12ncWHEo3PlkqhzvvQv_NCAZQkzBwn--FM7HXoHP1HKt6K-irzTQWaC8MiZQYHL7Tmo2R09DM8OOEPp4cIY0w-RIP5I_WWz-Lf8z1hs4Xlvr3N0OPN0UT62gDdi2iEfNaG6VKQ6ZSAlTsMSCC_9oflTJJCeqplUxU4IaZZp-wQO60vFULR-l5hC5AhxRcROBe2rPrG_xnyPktg_QMny567i4PuQU1QFQcPwiLSqcCPoSzuUzfyM7IINx0T8exnemSHewYxh7P-rtwzQEDTnGMxFzGKa87UtKdxDNXsoxA0MAqoWu_nFRyHhxuzCi4b8quJzrW_SqKKUGMsc8aahggUKh0dIr76OF-k-ZABREKm_aKhgz7ko76fXEZH9fUl-i_L2hDrvGauVZZJMawwwYoKxdcIZi0IqRTrsBz6yj%26sai%3DAMfl-YQoyfgnwWRYB_wiayejHfQZsXdVlhHFxUWQk6FUxtbvrt3NZ9VgoIspFLTibalwp4D-dnPxE1L4hGpqsi8c65tMpy4V1cSA6YgRxhEMCjfUMq19thsVEDo33MgeX9VILysSPGIWUOOuI5MQu-YKrkXrmSAgV8HNmOzrGB-Ip34I2ex2ocE-Brtr_cQia0v9lnLSFBBdWT0cGIxNZHXdi-6nBUX7mRtccEu9pB_kaPSUac0FIVb1HKC_BxLr1B22uH_dxusKmF89FHsp8s8up-YMLnkvIRpkd72cCwsnrl8i%26sig%3DCg0ArKJSzPSuX8ZDVInUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954b3fda838a7666e6e9df9d3f856f317e0ac130bf5e8778b12ba575fdebf729

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
fj9TKMb8k2zUCJKOQvRd2Q==
age
1507883
cf-polished
origSize=64303
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 17 Apr 2023 10:52:51 GMT
server
cloudflare
etag
W/"0x8DB3F31E413B058"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a03c2f27-901e-0060-15c1-0c91b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
82840895ac65020d-ZRH
animated-creative.a3eb65849827099c4ed2.js
c.bannerflow.net/scripts/ Frame A27F 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssgYFSkG4x3HfXnznKdIWUPfbItukX0WwsJqb5zL3iZAJyC-_fWJjeSsYK40E6sBAjvNnUdSG-iJL_0UJvcstcZLJ_xxysRZglrGjgxqr4hm8s_Eyqq5yUVgDbXOAXPMAUHAf_Dr2O4fyTq_FOMGoLuVRTabH1kx-5a64PDAm4qxEgGOIYPuKezqX-O361scGtCx1n0Zojit4Yp-nbqytb-IkWimJ4T2u0b7MjztUzF0mZUU7sedHjjneaRsAyLGk2iApDMK_VIVhF6IoZD2wzlsZoGMJoY5kgEfBov2duD4t5Pgmd4S6Lnv9kcgpKmLP06Dfw0Y4mQz0xNiyUgMWuvAkSCMGv7QTQUKDcJN6b4dBbqTt_9ocCMMX92jmr7G8u0QDlqSxQbN06NKd3kj_aktaI8R-AriMgErKf7Uyv0xJA7h3dRwK2HR-AwUytACn9NNuXK12IAKijRrQmR8zXuy_LD6bap0U88YQwdTTFuChVzYmtuulm0sHuajtWnCxUaWCAFoFDnyu0EKbfKWpQzh_cLkztqG08dkJ1OVGQQkoK1EuUHa6YDrkpU704rRLCSFfG-PJ9PQnomb7R_-lb-unghUxTIJ5xIFsiiTfntJppZX2kUMRmEcgNETmOKKWHz_PpMXLZWX9ChK5-RWCRSgU85L4DORqfBP2K_5AZ1wqoZSGlZeQ26U-p4YUg9Psd0tAqboCJffhWZrlIpk2ZYJFaS4w3ur5cUp3dNEY1H4sl8tVmwOZMSQiHCGKT_Ajw9uK0HFQ7UsYO2h-u5oLPXlHEdkWBAcRfOwxrXU1SRrSwbHUAgua1VbSzjrhbZaf41vuHAWfCXzEoPoRczaJR4Kyb-t-zMSqBrvX2NtTLpBAvtRjq1JjPwhzR_M5_oe2sf9YqMA9E54ZsB6CTmxstVZWAp72u0gu8IHC-aMN-VvnCB_bRwK24qzC6lN9eQS13MtjEE1L7Y8B-A-5Cb1_7rqNvXVw63K2lloPXmp0dIL_-3M4Wp-BRMtC39pXdc15tCiaM9RaR8D4P-lwTfOeu3iTGcMZGVDHCKGSgm_oI0Ipnsuq7UHALlZ_YcmSsQ4J1kE0H9bGGgUZ4Klw7K7nE5stykRX4sqgGy9fr3obSJ6cmo5TwpuOidZCoW12ncWHEo3PlkqhzvvQv_NCAZQkzBwn--FM7HXoHP1HKt6K-irzTQWaC8MiZQYHL7Tmo2R09DM8OOEPp4cIY0w-RIP5I_WWz-Lf8z1hs4Xlvr3N0OPN0UT62gDdi2iEfNaG6VKQ6ZSAlTsMSCC_9oflTJJCeqplUxU4IaZZp-wQO60vFULR-l5hC5AhxRcROBe2rPrG_xnyPktg_QMny567i4PuQU1QFQcPwiLSqcCPoSzuUzfyM7IINx0T8exnemSHewYxh7P-rtwzQEDTnGMxFzGKa87UtKdxDNXsoxA0MAqoWu_nFRyHhxuzCi4b8quJzrW_SqKKUGMsc8aahggUKh0dIr76OF-k-ZABREKm_aKhgz7ko76fXEZH9fUl-i_L2hDrvGauVZZJMawwwYoKxdcIZi0IqRTrsBz6yj%26sai%3DAMfl-YQoyfgnwWRYB_wiayejHfQZsXdVlhHFxUWQk6FUxtbvrt3NZ9VgoIspFLTibalwp4D-dnPxE1L4hGpqsi8c65tMpy4V1cSA6YgRxhEMCjfUMq19thsVEDo33MgeX9VILysSPGIWUOOuI5MQu-YKrkXrmSAgV8HNmOzrGB-Ip34I2ex2ocE-Brtr_cQia0v9lnLSFBBdWT0cGIxNZHXdi-6nBUX7mRtccEu9pB_kaPSUac0FIVb1HKC_BxLr1B22uH_dxusKmF89FHsp8s8up-YMLnkvIRpkd72cCwsnrl8i%26sig%3DCg0ArKJSzPSuX8ZDVInUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9145a1b5941a698cff3ad558184cd813710a61ea765201ee9465fd2cd8cae663

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Js5dw7R7Itopo9K+HMhbDQ==
age
955599
cf-polished
origSize=159709
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 09:04:44 GMT
server
cloudflare
etag
W/"0x8DB3BFE201FAE72"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
44e99421-701e-0068-1ac7-11b343000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
82840895ac66020d-ZRH
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F29 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=104154
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
Mon, 20 Nov 2023 04:31:58 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
7a742af5-f233-435f-a828-83b228e83adf&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 61D4
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/7a742af5-f233-435f-a828-83b228e83adf&partner_id=1010
0
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/7a742af5-f233-435f-a828-83b228e83adf&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82840896ede501b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/7a742af5-f233-435f-a828-83b228e83adf&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.155.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-155-35.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7912481373650271753
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7912481373650271753
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
an-x-request-uuid
a4174f9e-45d7-44e3-9a65-f592a84e636a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7912481373650271753
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a9978468-4136-4c7a-8a8c-b821809d5a96&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=893596e3-ebcc-4ae5-b5ce-59208add6eed&expires=1&user_group=2&ssp=gumgum2&bsw_param=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy=
date
Sat, 18 Nov 2023 23:36:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=74539f0a-cb09-4097-91f7-901af2c9b7ad
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=74539f0a-cb09-4097-91f7-901af2c9b7ad
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 18 Nov 2023 23:36:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=74539f0a-cb09-4097-91f7-901af2c9b7ad
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4cbd493d-c2a9-583c-7888-a81184c66e9b$ip$31.164.63.86
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4cbd493d-c2a9-583c-7888-a81184c66e9b$ip$31.164.63.86
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4cbd493d-c2a9-583c-7888-a81184c66e9b$ip$31.164.63.86
Date
Sat, 18 Nov 2023 23:36:04 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-FCXA2hZE2pcitwqcGl6C1HQ6GsZu8.HcQ1nC~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-FCXA2hZE2pcitwqcGl6C1HQ6GsZu8.HcQ1nC~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 18 Nov 2023 23:36:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-FCXA2hZE2pcitwqcGl6C1HQ6GsZu8.HcQ1nC~A
content-length
0
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f002763b-bff0-42e6-a652-375ee26c26fb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f002763b-bff0-42e6-a652-375ee26c26fb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f002763b-bff0-42e6-a652-375ee26c26fb
Date
Sat, 18 Nov 2023 23:36:05 GMT
Connection
keep-alive
X-CI-RTID
a0b972dc-85f3-44b5-87fc-505e6aa5b37f
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 0460 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a9978468-4136-4c7a-8a8c-b821809d5a96&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_a9978468-4136-4c7a-8a8c-b821809d5a96&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=kGaQ4qF6KBrZ2e8WsNCv&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=kGaQ4qF6KBrZ2e8WsNCv&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=kGaQ4qF6KBrZ2e8WsNCv&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=tgyFQHDwdN34&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=tgyFQHDwdN34&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=tgyFQHDwdN34&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-w6bcp
expires
-1
usersync
usersync.gumgum.com/ Frame 0460
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2137512993614211217
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2137512993614211217
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2137512993614211217
date
Sat, 18 Nov 2023 23:36:04 GMT
content-length
0
sync
ads.servenobid.com/ Frame 0460 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_a9978468-4136-4c7a-8a8c-b821809d5a96
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:04 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
khaos.json
token.rubiconproject.com/ Frame 65C1 		7 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP4OTLUF-G-2PUA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
2624f9ec-d379-465f-b0f9-471b44251e99
csync.smilewanted.com/set_partner_userid_get/openx/ Frame CB90
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/2624f9ec-d379-465f-b0f9-471b44251e99
0
665 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/2624f9ec-d379-465f-b0f9-471b44251e99
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
828408974e2c01b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:05 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/2624f9ec-d379-465f-b0f9-471b44251e99
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame E4AE 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56121005&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
018c7b89003d09da195ccf6c3080ddd4d2019511916105bf78209ff2fd30ea50

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
rtb.gumgum.com/ Frame B6E9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=1407869859430572812&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=1407869859430572812&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.158.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sat, 18 Nov 2023 23:36:05 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=1407869859430572812&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 79DC 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hOTk3ODQ2OC00MTM2LTRjN2EtOGE4Yy1iODIxODA5ZDVhOTY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFAC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=104154
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
Mon, 20 Nov 2023 04:31:58 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame DCDB 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:04 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame A60E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVlKY8Co8X4AAPsS.PgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVlKY8Co8X4AAPsS.PgAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 18 Nov 2023 23:36:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 18 Nov 2023 23:36:05 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVlKY8Co8X4AAPsS.PgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad435.dc4p.scaleout.jp
X-SO-IP
31.164.63.86
X-SO-Key
ZVlKY8Co8X4AAPsS.PgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"31.164.63.86","key":"ZVlKY8Co8X4AAPsS.PgAAAAA","privacy_sensitive":false,"uid":"ZVlKY8Co8X4AAPsS.PgAAAAA","upstream_id":"m-ad435"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-UID
ZVlKY8Co8X4AAPsS.PgAAAAA
X-SO-Upstream-ID
m-ad435
usersync
usersync.gumgum.com/ Frame AA0D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 18 Nov 2023 23:36:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 18 Nov 2023 23:36:05 GMT Sat, 18 Nov 2023 23:36:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame E539
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 23:36:05 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
ap.lijit.com/ Frame D5AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sat, 18 Nov 2023 23:36:04 GMT
X-Sovrn-Pod
ad_ap6ams1
sync
ads.servenobid.com/ Frame 65C1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP4OTLUF-G-2PUA
  • https://ads.servenobid.com/sync?pid=323&uid=LP4OTLUF-G-2PUA
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LP4OTLUF-G-2PUA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LP4OTLUF-G-2PUA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
1407869859430572812
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 9803
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1407869859430572812
0
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/1407869859430572812
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
828408996ff001b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:05 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sat, 18 Nov 2023 23:36:05 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/1407869859430572812
server
nginx
truncated
/ Frame A27F 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
c8182020-ce52-4dfa-a2fc-60914baf135a
https://s0.2mdn.net/ Frame 97F4 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/c8182020-ce52-4dfa-a2fc-60914baf135a
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 72C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
828408996ff301b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:05 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Nov 2023 23:36:05 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
font
c.bannerflow.net/fs/api/v2/ Frame A27F 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%21%25.089ACDEFHIMSVZabcdefghiklmnorstuwxz%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5778a9de20dae21fa64322883db543032780472ff39d40dd9091bc19b9312236

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 12:44:48 GMT
server
cloudflare
age
1507877
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
8284089c796901f8-ZRH
expires
Thu, 31 Oct 2024 12:44:48 GMT
usync.js
eus.rubiconproject.com/ Frame E539 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34554
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7925 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8616877878788&version=m202309260101&ct=76&x=1&cor=8012077641137758000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 2721
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0?pi=smilewanted
0
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
828408996ff101b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:05 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 18 Nov 2023 23:36:05 GMT Sat, 18 Nov 2023 23:36:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/HcuSt9UOZrYTNV9-qPSURIb-tmSxsF2PauVOY-mUef0?pi=smilewanted
pragma
no-cache
v1
match.sharethrough.com/universal/ Frame 8EC8 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.228.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-228-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
cs
cs.yellowblue.io/ Frame 8EC8
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.210.50.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-50-120.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=36757693e4f6ab17619b6c5d78f8113&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700350565256005-569
cs
cs-server-s2s.yellowblue.io/ Frame 8EC8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.85.125.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-125-66.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
date
Sat, 18 Nov 2023 23:36:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 8EC8 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=uuhLDvzzCj_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
onetag-sys.com/usync/ Frame F544 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700350561688
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
36c56a0487e7b74c9847eb5436bc21292d8b00900e759caaaff7c3916499144c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1101
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
cs
cs-rtb.minutemedia-prebid.com/ Frame 3117
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=846f10bf61a5b70cf597361d640a89e1
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=846f10bf61a5b70cf597361d640a89e1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
WnnG_gYo3F4o7oKajggPuuA7MAGOmsYntk5A_6sBFHeTK7aQzvjjXw==

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=846f10bf61a5b70cf597361d640a89e1
x-kong-upstream-latency
4
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 3117
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a37d97e-9c8e-4795-8e14-99007a9a3c0e
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a37d97e-9c8e-4795-8e14-99007a9a3c0e
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
3qi5xlfmES0RGtSs28V19Pl2YlNfzhjM8o4AMY0pVPTnZafkmX6GVQ==

Redirect headers

date
Sat, 18 Nov 2023 23:36:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a37d97e-9c8e-4795-8e14-99007a9a3c0e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 3117
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
QRcjf1KQ7d01Kg2lhvKmoWBedBfRmD20B_L-If0rPvYSUwQesSaLRw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Sat, 18 Nov 2023 23:36:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 3117 		0
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 3117
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
UINGeTmgV4X5hbyBwNOI80HJSF1q75K-r4acEbAGnTYI6wAOi4J6VQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=C5463CF2-8511-4A81-B5E9-27264C2643DF
date
Sat, 18 Nov 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ Frame 3117 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Nov 2023 23:36:05 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 3117
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4078021614972441085668
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4078021614972441085668
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
99.86.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-129.fra6.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
sMKOUGjb-QTCvPI2lxDM-6ZpLQrKjoNeXy1IFmSkwe9Y1UhW6IAvGQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4078021614972441085668
date
Sat, 18 Nov 2023 23:36:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ads.servenobid.com/ Frame 3117 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=1IhRYv-zCp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
img
sync.mathtag.com/sync/ Frame E276 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 18 Nov 2023 23:36:05 GMT
Expires
Sat, 18 Nov 2023 23:36:04 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1369"
usersync.aspx
dis.criteo.com/dis/ Frame DDDD 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:04 GMT
expires
Sat, 18 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
191568
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2991 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C5463CF2-8511-4A81-B5E9-27264C2643DF&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 18 Nov 2023 23:36:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NYGRPTB7G5JVV18RDJQW
apn
ads.playground.xyz/usersync/ Frame 1102
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2CKnV9p2pF_Dc6cP3iW_DYt29FzDIqpX3XVpOJEO
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:06 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
x-request-id
23415aa6-3f35-433a-9c96-bd59204a1144

Redirect headers

content-length
176
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 0AAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7912481373650271753&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 8244
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302950059823921299&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:05 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 29CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TL1JPcKpWDx4iKgRhMZumx-kP1Y&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:05 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 1F49
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=cb3b0366-05e3-4995-8e60-308c57af4b83&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8dfccedd-668a-44ee-b95e-d349fc17fa76&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 18 Nov 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 18 Nov 2023 23:36:05 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 4439
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJTG0wN0tzcFVBQUJQS05YVmpLUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAILm07KspUAABPKNXVjKQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2137512993614211217&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAILm07KspUAABPKNXVjKQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2137512993614211217%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2137512993614211217&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAILm07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAILm07KspUAABPKNXVjKQ&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAILm07KspUAABPKNXVjKQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:36:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 18 Nov 2023 23:36:06 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAILm07KspUAABPKNXVjKQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame F69E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUffea1325252341f4a2847df96a8bccc0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 18 Nov 2023 23:36:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 18 Nov 2023 23:36:05 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 7C24
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 18 Nov 2023 23:36:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame BC97
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVlKZQAAqr172ABU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 18 Nov 2023 23:36:06 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1700350566.998809,VS0,VE189

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 18 Nov 2023 23:36:05 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVlKZQAAqr172ABU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1700350566.844884,VS0,VE99
/
onetag-sys.com/match/ Frame A29F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame 28D0 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:05 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
cm
ipac.ctnsnet.com/int/ Frame E004 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 1FF1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6785042868299480284
42 B
292 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6785042868299480284
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:36:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6785042868299480284
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
apn
ads.playground.xyz/usersync/ Frame 3F4D
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210828214939098
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
132 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:06 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
x-request-id
68feb4a9-067c-43ac-ad0e-16b700372961

Redirect headers

content-length
176
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:04 GMT
location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesync
core.iprom.net/ Frame E86A 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 18 Nov 2023 23:36:05 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-8154e63fa590@version_1.576
X-core-time
1ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame AE81 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 5217 		0
0
i.match
s.tribalfusion.com/z/ Frame C6BC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8284089edb2523f7-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:36:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8284089d794723f7-ZRH
content-type
text/html
date
Sat, 18 Nov 2023 23:36:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
18158
sync
ads.servenobid.com/ Frame C63E 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sat, 18 Nov 2023 23:36:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xUY88oURSoG16ScmTCZD3w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=104152
accept-ranges
bytes
content-length
5622
expires
Mon, 20 Nov 2023 04:31:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E4AE
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.212.46.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-46-188.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.158
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.31.227
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame E4AE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1483720727
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1483720727
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
via
1.1 google
last-modified
Sat, 18 Nov 2023 23:36:05 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:04 GMT
via
1.1 google
last-modified
Sat, 18 Nov 2023 23:36:05 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1483720727
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame E4AE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDVjbzlhdjRHTERRYVNGeXdnLTZ1aUNLZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1407869859430572812&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:06 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 18 Nov 2023 23:36:06 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pubmatic
um.simpli.fi/ Frame E4AE 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 17 Nov 2023 23:36:05 GMT
/
onetag-sys.com/match/ Frame E4AE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1407869859430572812
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
date
Sat, 18 Nov 2023 23:36:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame E4AE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame E4AE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0xo9EENE2uV8ap.bxcFKpCIUpi_5j.U-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0xo9EENE2uV8ap.bxcFKpCIUpi_5j.U-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0xo9EENE2uV8ap.bxcFKpCIUpi_5j.U-~A&gdpr=0
date
Sat, 18 Nov 2023 23:36:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
C5463CF2-8511-4A81-B5E9-27264C2643DF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E4AE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C5463CF2-8511-4A81-B5E9-27264C2643DF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.117.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-117-106.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame E4AE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0f9adfcf-e87e-460f-b9ad-5f7cafba38d8-65594a65-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0f9adfcf-e87e-460f-b9ad-5f7cafba38d8-65594a65-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:36:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0f9adfcf-e87e-460f-b9ad-5f7cafba38d8-65594a65-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame E4AE
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7322cb7e804d1680&is_secure=true&networkId=17100&version=1&nuid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHqouGtI4QdgNDdFnMAAAAAAA&expiration=1700436966&nuid=C5463CF2-8511-4A81-B5E9-27264C2643DF&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sat, 18 Nov 2023 23:06:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame E4AE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4130517591434833021&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
date
Sat, 18 Nov 2023 23:36:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame E4AE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6c2a13ba-ccce-4db1-b58c-cb05cf0958b3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
date
Sat, 18 Nov 2023 23:36:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
khaos.json
token.rubiconproject.com/ Frame E539 		7 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP4OTLUF-G-2PUA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
img
sync.mathtag.com/sync/ Frame F544 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350561688
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x26 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:36:05 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x26 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Sat, 18 Nov 2023 23:36:04 GMT
generic
match.adsrvr.org/track/cmf/ Frame F544 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350561688
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame F544 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350561688
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.207.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-207-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame F544 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3NDiZiqVaGCja5qf1EV4u1EDjCVFGxNzgQ4UOA-G2sI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350561688
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame F544 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350561688
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame F544 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700350561688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame E539
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP4OTLUF-G-2PUA
  • https://usersync.gumgum.com/usersync?b=mag&i=LP4OTLUF-G-2PUA
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LP4OTLUF-G-2PUA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 18 Nov 2023 23:36:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LP4OTLUF-G-2PUA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
async_usersync
ib.adnxs.com/ Frame A81D 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:05 GMT
an-x-request-uuid
b004ad46-ee98-48cc-93e6-e20b8d2adb73
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
31.164.63.86; 31.164.63.86; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 01C6 		217 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:05 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
2311
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8284089d18b2020d-ZRH
064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 01C6 		272 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:05 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C50rliIMDPE8SiFZGvsxQQ==
age
1915
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:52:58 GMT
server
cloudflare
etag
W/"0x8DADDE2E4532F74"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f9ae2d66-d01e-0003-3464-0d0c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8284089d4900020d-ZRH
d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 01C6 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:05 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o8BlfxpL6pDvDJmSY4p8ew==
age
1915
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 10:56:08 GMT
server
cloudflare
etag
W/"0x8DAA6C03538AA86"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
09f81f85-401e-004c-0aa7-0c7d16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8284089d4901020d-ZRH
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 01C6 		151 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:05 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
2254
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7dc9cd2-701e-0025-1590-0c445a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8284089d4902020d-ZRH
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame 7200 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.64.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:06 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
136
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b9e65c1-b01e-0066-41e7-115d22000000
x-ms-version
2014-02-14
cf-ray
828408a02d9c01eb-ZRH
/
c.bannerflow.net/tr/v2/pixel/ Frame A27F 		0
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssgYFSkG4x3HfXnznKdIWUPfbItukX0WwsJqb5zL3iZAJyC-_fWJjeSsYK40E6sBAjvNnUdSG-iJL_0UJvcstcZLJ_xxysRZglrGjgxqr4hm8s_Eyqq5yUVgDbXOAXPMAUHAf_Dr2O4fyTq_FOMGoLuVRTabH1kx-5a64PDAm4qxEgGOIYPuKezqX-O361scGtCx1n0Zojit4Yp-nbqytb-IkWimJ4T2u0b7MjztUzF0mZUU7sedHjjneaRsAyLGk2iApDMK_VIVhF6IoZD2wzlsZoGMJoY5kgEfBov2duD4t5Pgmd4S6Lnv9kcgpKmLP06Dfw0Y4mQz0xNiyUgMWuvAkSCMGv7QTQUKDcJN6b4dBbqTt_9ocCMMX92jmr7G8u0QDlqSxQbN06NKd3kj_aktaI8R-AriMgErKf7Uyv0xJA7h3dRwK2HR-AwUytACn9NNuXK12IAKijRrQmR8zXuy_LD6bap0U88YQwdTTFuChVzYmtuulm0sHuajtWnCxUaWCAFoFDnyu0EKbfKWpQzh_cLkztqG08dkJ1OVGQQkoK1EuUHa6YDrkpU704rRLCSFfG-PJ9PQnomb7R_-lb-unghUxTIJ5xIFsiiTfntJppZX2kUMRmEcgNETmOKKWHz_PpMXLZWX9ChK5-RWCRSgU85L4DORqfBP2K_5AZ1wqoZSGlZeQ26U-p4YUg9Psd0tAqboCJffhWZrlIpk2ZYJFaS4w3ur5cUp3dNEY1H4sl8tVmwOZMSQiHCGKT_Ajw9uK0HFQ7UsYO2h-u5oLPXlHEdkWBAcRfOwxrXU1SRrSwbHUAgua1VbSzjrhbZaf41vuHAWfCXzEoPoRczaJR4Kyb-t-zMSqBrvX2NtTLpBAvtRjq1JjPwhzR_M5_oe2sf9YqMA9E54ZsB6CTmxstVZWAp72u0gu8IHC-aMN-VvnCB_bRwK24qzC6lN9eQS13MtjEE1L7Y8B-A-5Cb1_7rqNvXVw63K2lloPXmp0dIL_-3M4Wp-BRMtC39pXdc15tCiaM9RaR8D4P-lwTfOeu3iTGcMZGVDHCKGSgm_oI0Ipnsuq7UHALlZ_YcmSsQ4J1kE0H9bGGgUZ4Klw7K7nE5stykRX4sqgGy9fr3obSJ6cmo5TwpuOidZCoW12ncWHEo3PlkqhzvvQv_NCAZQkzBwn--FM7HXoHP1HKt6K-irzTQWaC8MiZQYHL7Tmo2R09DM8OOEPp4cIY0w-RIP5I_WWz-Lf8z1hs4Xlvr3N0OPN0UT62gDdi2iEfNaG6VKQ6ZSAlTsMSCC_9oflTJJCeqplUxU4IaZZp-wQO60vFULR-l5hC5AhxRcROBe2rPrG_xnyPktg_QMny567i4PuQU1QFQcPwiLSqcCPoSzuUzfyM7IINx0T8exnemSHewYxh7P-rtwzQEDTnGMxFzGKa87UtKdxDNXsoxA0MAqoWu_nFRyHhxuzCi4b8quJzrW_SqKKUGMsc8aahggUKh0dIr76OF-k-ZABREKm_aKhgz7ko76fXEZH9fUl-i_L2hDrvGauVZZJMawwwYoKxdcIZi0IqRTrsBz6yj%26sai%3DAMfl-YQoyfgnwWRYB_wiayejHfQZsXdVlhHFxUWQk6FUxtbvrt3NZ9VgoIspFLTibalwp4D-dnPxE1L4hGpqsi8c65tMpy4V1cSA6YgRxhEMCjfUMq19thsVEDo33MgeX9VILysSPGIWUOOuI5MQu-YKrkXrmSAgV8HNmOzrGB-Ip34I2ex2ocE-Brtr_cQia0v9lnLSFBBdWT0cGIxNZHXdi-6nBUX7mRtccEu9pB_kaPSUac0FIVb1HKC_BxLr1B22uH_dxusKmF89FHsp8s8up-YMLnkvIRpkd72cCwsnrl8i%26sig%3DCg0ArKJSzPSuX8ZDVInUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
828408a10f3b020d-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700350566592&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1573&pt=-1864090054&tz=60&viewable=true&ddast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:06 GMT
content-encoding
gzip
server
nginx
machineid
1470
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8849 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c62f8963a2302a44b2936e42c46d3cd3f4572129c8acaf45f1bb1d021bd60d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12454
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E0AF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvz0VbsT0D2kRKWs9OPJZPiEy0bC0rpgpMkPqpgtyZtH_tkV_rdcLuzir9GsOuNgprr2T_HiOvbDz8gdiIyMV4cTuUULU3h0Snpu5esJL59MtCmIUKxxCdRBz3BsxB3cWydHP-dSGPz7DaEo8WeVIBtRCADoYehllOF9ShmNAr_rbqZcdruHnFxyNnjQeJIyBUurPBwD_EI3WY0Vok9iLfMuPa9EWtgVBSPMz6Noxr5H4liKCchh0ae6O0U-3bbzyBDrlhdaemnU8HlaNj0n_nivq74RI4WauvsWWTi6jc_pn7-Vlc63hB8gtXRYxRMsOH6jR3F_FdxVf2kQ4l4jA-8LhUAK4PqUpouBoK-sgJIrGo1bO9M80_Y4qMrLiyueaOzxewDNzp4290PGiZ83k0OvBgHWXOIivbnfzpAtudqU9LM8JWUQjcc_EjUWnPgUeSa2vPiD7svlNAkO2xOOXQoH30xS-3R6r_mRJU-RtJ4uJdlqDgfpsL9n4VnITcRV_H9n19PwdrOPSzIwI37mgAeMwTczVwyyF5LXGFSZg7pdjlB-eOQ7s1mbaADdA0qswiWUL1a6HFn983fr3xyCYgaKtr7RnPR5zDFXOkNMz6X0-nHS8GJ2n9Ju5MHEpvrgRWp7ma8vKs0fmrFQ9X0v8sUgL5mrSXTGpeHC406Gyym-TIakT7lMnfc3Ag685IRZCzhZIxd6S3mYXB6ccIadxGCw7bli-hr-_8sMyZP74ywTsDDMdQtv7EHEGVIBn6AY4a0_4xq4CDp0pvQENKUAmHwcn95eC3FbHpsAwVF6NqMKhjtm6AvDV81E7iV_gzoooxtOWmoo59PRpHqqXHcF7GaL8ofdShKQiP7Fey5zV_isG8pwffEWO7WAbZpOam7nSluNa_wRsBeMpj0iksv9uZrAgvDmZ0V59HkY8PsjmmCoCAab3ocwIVRtAXCs9MbtQEgyinDF4k1BNk6IbkIvGm99CEfQhjdkD4zLYR-HWvZ73vMR1brH3kYh5W_TeA49C1DjjGmfN8BTeQam6uaIOs9uFL-o8grcWiiiJfYsFSn9NdrF_o4sRKklYfz1PXoyTZC8W1gjRqWnepsJKU1RfRtaUdXKhQ4JdBv2WUz4c9lOMmPUfbs0oG-YbR20-B8nBhzLA_AjBxEp5vavKQMmh-PuJLKvxFfqs0RUtV-n4_C1xBGadZnQadKvvVvisORdzzpzBmNAmnhqDNhFnwJZy0isRw2gXrEuIbAK8SUqpxBvFpo93yWkLScJeJQtwXOYcIOhOm1C0KFuAkN0ZTvwR32BdYJPtf7lWg4OCC4LUOpE8S1jlvqEttZOW6CS3CvN6LuZLE4mjS5hjs-QYbQ3eR9tbF8XDFpK1-PDPPoebYCpah7IPAxNedOMLTWpKTw-_2ZiHtLZUNTV6fRw5Z23fLAf0Ctd88YCVVD0KSvFq-aOIgcfXdAVn_AmT_RyJDX&sai=AMfl-YSejLCrQhmf997UTIfgDLld_JLDrtA1peU07XqCMHevCBBKFLBeUUBc9w9WKCsBxixyDjFu1VqARs9YHXJNgcvK4FbpZ-iGZWmUxojKssOKPhoe5oUV3wLoMz0Jh1CuJg4rd-jxDuQJe_z-vXy3M53lLH3VmgZSEkpWoMM2dW12pA6KUXwZQ6jokFb29PUmeZ1MCFZDQixX8Fpm5LKx2EZ4xE_tETmOe0db0GRqT4JR4JqKc0fd7Hn5FU8pFxV9LDqLGCQVFAu9lXD76-3zIW6vLC--q4hHPA&sig=Cg0ArKJSzIK7JLuwhJGdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3051&vt=11&dtpt=2646&dett=3&cstd=3046&cisv=r20231109.00441&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_STGO_Overall_platform-1-DECH-300x250-638330445275967645-c730622a-2cf5-4958-a64d-2195a9a063b8.html
s0.2mdn.net/sadbundle/16831550403370811392/ Frame 9042 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16831550403370811392/CH-DE_STGO_Overall_platform-1-DECH-300x250-638330445275967645-c730622a-2cf5-4958-a64d-2195a9a063b8.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
7f9fbc93ba4bfffbc6360421aef68fc015fb73b299d89138e6e87edaa0a4a010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
433594
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 23:09:32 GMT
expires
Tue, 12 Nov 2024 23:09:32 GMT
last-modified
Mon, 16 Oct 2023 09:15:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8849 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 23:36:06 GMT
652cff01843eb9eeda766b78
c.bannerflow.net/a/ Frame 9042 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652cff01843eb9eeda766b78?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstzpELAY33axbGxxZaUtztJTa6jjSEa9TQ8T9N6Heg1JllraAtwPGIZtPwg0xuDYY9kmEnWF329ofbeo_pwn5N6NKFV4s9bp_sCCLA4FyrCNEJ9Dji3pFN193omtpmhYRUbs5eN3mbefY07To_RqWYkiORq20n7DD97ztMjWYIt0vM0tKOY8RAvMezTLy8IquNodL9cJRo5cQIuvQVcce8jBZ7FJHBQ6g9IM4zlRGPAwMmLedWATU6c9ZcYLNRCdUvuyUHjR7L2H8UVJbz4T6_RTkkF17YG70koryMPvV1OAaVxZSQlLj3TJDRMzKTn6gJVWUw2wa7hVAnnLD8GutZWbG1cH-fys1bFlljwzICnvFcIDF5ZecwVxnkIlhAtFHOsyx1fmtc2WyWuixtmEZCLzRc9WeIanlYs02Lhd-iYcl1XmqQMMf51wek7dNvDQWMi-pr88YN4Z1sAdYKRa7xtTiS2RLjJJ5rdlrofXLiIupZf3StxoDzoyiVCu0kXhEZYxFhuFyxXDldAfHWiu8msCYHZZrvCGOi6nnzSVH1w5rDVmbHa7OP64hjhhLIdDrebbwU9RTklg63jLcvF0oKwcVssoQ2ZCMYJRYMHml8AehqZiXCwMAOTZwn-gCMn0fkjdcV7OUTmylpdWe-davc_54SFSTsFPtJ0reLDVsMtLwi07YvpH6WannxF6To3NupOwKCwTWK7HbY2zaZeJrV4LcDhFd0s7HaskRw1yzzDE_m3mciv77fyvdZt2aw80pYmI3oTFyjbrtxBEqn75dD0NfcYzQ5JRC7L-NjV_lnbO8WhzyG4XQSeuGF-WcYBlogvOT1-dHecUb_NKzTqu4-YKaUOvE3lOIXPNeCMjkRqAo3j7fBc7hn_3oQ9bbvlui_jyxUeuW5Htl5yX2uIH62I5IaODCvc76au6mRjHG8y4tT5qdsHKtelcnwRnaXbC40d5J7RpqzoTmgQLSD8ybSWYr-20dxcMDJBdk8MwCWsNsiqsH9DU7YPV1flmyrRKXPxmotL7JvCacPFkoYmGtws2zivz7656fLOsIRY6kodNiNZcI3ptsvEuImFsAdxrFuV6tA6mh29c4AwI89-f7HYOJvhAV-8vSfQSQeCdKdULENXvw0nMQrhK9AiW3gLzcGT3Z_h1TLFI-76KUWuIanSvyFc2sHFE2acaNI9bu0Ng3FSrp_RW6rdje2al7kr1WhXJzS_x0o8xvCXeTz5PfrFGYv1jCi88lVWkzNRDGKZVNlqzid4ijlEdExsT1e75qhqVF-Q3tvvCiyFFM38Oz86DD-WktrRhIh9aRfwwgGsH-oooETHwZAh0v5tO4O1Qa63r2nI_CcXpq9jhLrhPwxgz8vmmtV5Y5_QoAuf0K1EKaX1F9R95k_5LL-egWbJ54FN8ZgrW6o_uiex7nydifQGGamJ1AMlxQLtTii6nYl0C6ngHzFf4sS31-0XSns%26sai%3DAMfl-YSdoKT_QqZhXn-E-CX_I66zkr9h7y3_rTK3BC4qgFaOVajbdn2orrkVFgAdWOyhzM0zkng-UYrBw6Oyd-iiHMeUtoxe6DPTouUZD1kEH-xThLa15yaAyTpOZUfgBhkTAR6wEdA2vSYIqPc12b7aTZ2291HrIiB8k9zbxJ2G9A1TsO2HUJLkdiHDqCiOXa86zJ-zp4icRKZxPZvLE93Ap4zML3JN6Bv-E8cmubCyUnke4vNK3p_vW4igoPAp7uy3iCEvA3psUwFR223aqdorr5o_fSl3g9bQETU02a0jkTMr%26sig%3DCg0ArKJSzN_-VtI2F89eEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16831550403370811392/CH-DE_STGO_Overall_platform-1-DECH-300x250-638330445275967645-c730622a-2cf5-4958-a64d-2195a9a063b8.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
807ce7c54a9770500913377d37c5771b5660f785da3c8ba8c32fa0916f648165

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 23:36:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
828408a38ba5020d-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 552C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
44195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 11:19:32 GMT
expires
Sun, 17 Nov 2024 11:19:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9802 		829 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
72fc4743c7c82f8cdcebd6c1e5fe20ecac89bb2125990a606f8a887d5791242f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_Lp3v4l74nXnoHbIhU8XsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_Lp3v4l74nXnoHbIhU8XsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 23:36:07 GMT
expires
Sat, 18 Nov 2023 23:36:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
document.00000023F3E59C.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4826812/6115872/ Frame 9042 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4826812/6115872/document.00000023F3E59C.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cff01843eb9eeda766b78?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstzpELAY33axbGxxZaUtztJTa6jjSEa9TQ8T9N6Heg1JllraAtwPGIZtPwg0xuDYY9kmEnWF329ofbeo_pwn5N6NKFV4s9bp_sCCLA4FyrCNEJ9Dji3pFN193omtpmhYRUbs5eN3mbefY07To_RqWYkiORq20n7DD97ztMjWYIt0vM0tKOY8RAvMezTLy8IquNodL9cJRo5cQIuvQVcce8jBZ7FJHBQ6g9IM4zlRGPAwMmLedWATU6c9ZcYLNRCdUvuyUHjR7L2H8UVJbz4T6_RTkkF17YG70koryMPvV1OAaVxZSQlLj3TJDRMzKTn6gJVWUw2wa7hVAnnLD8GutZWbG1cH-fys1bFlljwzICnvFcIDF5ZecwVxnkIlhAtFHOsyx1fmtc2WyWuixtmEZCLzRc9WeIanlYs02Lhd-iYcl1XmqQMMf51wek7dNvDQWMi-pr88YN4Z1sAdYKRa7xtTiS2RLjJJ5rdlrofXLiIupZf3StxoDzoyiVCu0kXhEZYxFhuFyxXDldAfHWiu8msCYHZZrvCGOi6nnzSVH1w5rDVmbHa7OP64hjhhLIdDrebbwU9RTklg63jLcvF0oKwcVssoQ2ZCMYJRYMHml8AehqZiXCwMAOTZwn-gCMn0fkjdcV7OUTmylpdWe-davc_54SFSTsFPtJ0reLDVsMtLwi07YvpH6WannxF6To3NupOwKCwTWK7HbY2zaZeJrV4LcDhFd0s7HaskRw1yzzDE_m3mciv77fyvdZt2aw80pYmI3oTFyjbrtxBEqn75dD0NfcYzQ5JRC7L-NjV_lnbO8WhzyG4XQSeuGF-WcYBlogvOT1-dHecUb_NKzTqu4-YKaUOvE3lOIXPNeCMjkRqAo3j7fBc7hn_3oQ9bbvlui_jyxUeuW5Htl5yX2uIH62I5IaODCvc76au6mRjHG8y4tT5qdsHKtelcnwRnaXbC40d5J7RpqzoTmgQLSD8ybSWYr-20dxcMDJBdk8MwCWsNsiqsH9DU7YPV1flmyrRKXPxmotL7JvCacPFkoYmGtws2zivz7656fLOsIRY6kodNiNZcI3ptsvEuImFsAdxrFuV6tA6mh29c4AwI89-f7HYOJvhAV-8vSfQSQeCdKdULENXvw0nMQrhK9AiW3gLzcGT3Z_h1TLFI-76KUWuIanSvyFc2sHFE2acaNI9bu0Ng3FSrp_RW6rdje2al7kr1WhXJzS_x0o8xvCXeTz5PfrFGYv1jCi88lVWkzNRDGKZVNlqzid4ijlEdExsT1e75qhqVF-Q3tvvCiyFFM38Oz86DD-WktrRhIh9aRfwwgGsH-oooETHwZAh0v5tO4O1Qa63r2nI_CcXpq9jhLrhPwxgz8vmmtV5Y5_QoAuf0K1EKaX1F9R95k_5LL-egWbJ54FN8ZgrW6o_uiex7nydifQGGamJ1AMlxQLtTii6nYl0C6ngHzFf4sS31-0XSns%26sai%3DAMfl-YSdoKT_QqZhXn-E-CX_I66zkr9h7y3_rTK3BC4qgFaOVajbdn2orrkVFgAdWOyhzM0zkng-UYrBw6Oyd-iiHMeUtoxe6DPTouUZD1kEH-xThLa15yaAyTpOZUfgBhkTAR6wEdA2vSYIqPc12b7aTZ2291HrIiB8k9zbxJ2G9A1TsO2HUJLkdiHDqCiOXa86zJ-zp4icRKZxPZvLE93Ap4zML3JN6Bv-E8cmubCyUnke4vNK3p_vW4igoPAp7uy3iCEvA3psUwFR223aqdorr5o_fSl3g9bQETU02a0jkTMr%26sig%3DCg0ArKJSzN_-VtI2F89eEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77fa5f55fed897470bc435b7af9a61cf59dd4e49ac3d0e445def2f102e28881

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
xOdtJvEUjyxbNx9FFsSnUA==
age
953779
cf-polished
origSize=27844
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 16 May 2023 11:23:23 GMT
server
cloudflare
etag
W/"0x8DB55FFF62C7847"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a218204d-901e-002d-18cb-1166a0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
828408a42cc4020d-ZRH
animated-creative.322e55c9365620f3a62c.js
c.bannerflow.net/scripts/ Frame 9042 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cff01843eb9eeda766b78?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstzpELAY33axbGxxZaUtztJTa6jjSEa9TQ8T9N6Heg1JllraAtwPGIZtPwg0xuDYY9kmEnWF329ofbeo_pwn5N6NKFV4s9bp_sCCLA4FyrCNEJ9Dji3pFN193omtpmhYRUbs5eN3mbefY07To_RqWYkiORq20n7DD97ztMjWYIt0vM0tKOY8RAvMezTLy8IquNodL9cJRo5cQIuvQVcce8jBZ7FJHBQ6g9IM4zlRGPAwMmLedWATU6c9ZcYLNRCdUvuyUHjR7L2H8UVJbz4T6_RTkkF17YG70koryMPvV1OAaVxZSQlLj3TJDRMzKTn6gJVWUw2wa7hVAnnLD8GutZWbG1cH-fys1bFlljwzICnvFcIDF5ZecwVxnkIlhAtFHOsyx1fmtc2WyWuixtmEZCLzRc9WeIanlYs02Lhd-iYcl1XmqQMMf51wek7dNvDQWMi-pr88YN4Z1sAdYKRa7xtTiS2RLjJJ5rdlrofXLiIupZf3StxoDzoyiVCu0kXhEZYxFhuFyxXDldAfHWiu8msCYHZZrvCGOi6nnzSVH1w5rDVmbHa7OP64hjhhLIdDrebbwU9RTklg63jLcvF0oKwcVssoQ2ZCMYJRYMHml8AehqZiXCwMAOTZwn-gCMn0fkjdcV7OUTmylpdWe-davc_54SFSTsFPtJ0reLDVsMtLwi07YvpH6WannxF6To3NupOwKCwTWK7HbY2zaZeJrV4LcDhFd0s7HaskRw1yzzDE_m3mciv77fyvdZt2aw80pYmI3oTFyjbrtxBEqn75dD0NfcYzQ5JRC7L-NjV_lnbO8WhzyG4XQSeuGF-WcYBlogvOT1-dHecUb_NKzTqu4-YKaUOvE3lOIXPNeCMjkRqAo3j7fBc7hn_3oQ9bbvlui_jyxUeuW5Htl5yX2uIH62I5IaODCvc76au6mRjHG8y4tT5qdsHKtelcnwRnaXbC40d5J7RpqzoTmgQLSD8ybSWYr-20dxcMDJBdk8MwCWsNsiqsH9DU7YPV1flmyrRKXPxmotL7JvCacPFkoYmGtws2zivz7656fLOsIRY6kodNiNZcI3ptsvEuImFsAdxrFuV6tA6mh29c4AwI89-f7HYOJvhAV-8vSfQSQeCdKdULENXvw0nMQrhK9AiW3gLzcGT3Z_h1TLFI-76KUWuIanSvyFc2sHFE2acaNI9bu0Ng3FSrp_RW6rdje2al7kr1WhXJzS_x0o8xvCXeTz5PfrFGYv1jCi88lVWkzNRDGKZVNlqzid4ijlEdExsT1e75qhqVF-Q3tvvCiyFFM38Oz86DD-WktrRhIh9aRfwwgGsH-oooETHwZAh0v5tO4O1Qa63r2nI_CcXpq9jhLrhPwxgz8vmmtV5Y5_QoAuf0K1EKaX1F9R95k_5LL-egWbJ54FN8ZgrW6o_uiex7nydifQGGamJ1AMlxQLtTii6nYl0C6ngHzFf4sS31-0XSns%26sai%3DAMfl-YSdoKT_QqZhXn-E-CX_I66zkr9h7y3_rTK3BC4qgFaOVajbdn2orrkVFgAdWOyhzM0zkng-UYrBw6Oyd-iiHMeUtoxe6DPTouUZD1kEH-xThLa15yaAyTpOZUfgBhkTAR6wEdA2vSYIqPc12b7aTZ2291HrIiB8k9zbxJ2G9A1TsO2HUJLkdiHDqCiOXa86zJ-zp4icRKZxPZvLE93Ap4zML3JN6Bv-E8cmubCyUnke4vNK3p_vW4igoPAp7uy3iCEvA3psUwFR223aqdorr5o_fSl3g9bQETU02a0jkTMr%26sig%3DCg0ArKJSzN_-VtI2F89eEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ce92887c108586bf63058a06f051e957f58936396e829d5fddeb59dbab0e59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
juPt1GbRx23XCKIRo1MiKA==
age
1450347
cf-polished
origSize=159689
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 11 May 2023 08:35:06 GMT
server
cloudflare
etag
W/"0x8DB51FA9F714A4E"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dc8f3702-601e-0074-1347-0dd9d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
828408a42cc7020d-ZRH
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700350558957&gcd=11l1l1l1l1&dma=0&cid=1109969163.1700350560&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700350562&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=%E8%B6%B3%E7%90%83%EF%BC%8F%E4%B8%AD%E8%8F%AF%E5%A5%B3%E8%B6%B3%E7%99%BD%E6%B7%A8%E6%AD%A3%E5%A6%B9%E6%9E%97%E5%8B%BB%E3%80%80%E7%B5%90%E6%9D%9F%E5%85%A8%E5%B9%B4%E6%AF%94%E8%B3%BD%E5%B1%95%E9%96%8B%E8%AE%8A%E7%99%BC%E7%BE%8E%E7%99%BD%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=7&tfd=10925
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9802 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2282773991025286&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 552C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
30601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 15:06:06 GMT
generate_204
tpc.googlesyndication.com/ Frame 552C 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?u1xkOg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 9042 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
17d88367-ca0a-4163-bf1f-1eaa3415e0c4
https://s0.2mdn.net/ Frame B2E8 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/17d88367-ca0a-4163-bf1f-1eaa3415e0c4
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.322e55c9365620f3a62c.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=11616&tvi50=13156&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
73
date
Sat, 18 Nov 2023 23:36:07 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
69615
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21081-AMS
pragma
no-cache
server
nginx
x-timer
S1700350567.346966,VS0,VE73
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame E4AE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
font
c.bannerflow.net/fs/api/v2/ Frame 9042 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20.023%3AABCDEHIMVabcdefghiklmnoprstuw%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16831550403370811392/CH-DE_STGO_Overall_platform-1-DECH-300x250-638330445275967645-c730622a-2cf5-4958-a64d-2195a9a063b8.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed06352583ea81f637c768d64a743aaa3ea532283a8c2e9cd9779e9d543c058f

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 02:03:39 GMT
server
cloudflare
age
941548
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
828408a5bfce01f8-ZRH
expires
Thu, 07 Nov 2024 02:03:39 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 9042 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20Kelnost
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16831550403370811392/CH-DE_STGO_Overall_platform-1-DECH-300x250-638330445275967645-c730622a-2cf5-4958-a64d-2195a9a063b8.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae837bfbe21055184f9b10ca37df92c859ee586a2791a44d5646155962934291

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 07:14:07 GMT
server
cloudflare
age
922920
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
828408a6388b01f8-ZRH
expires
Thu, 07 Nov 2024 07:14:07 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 3ECB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=135&h=195&q=99&f=webp&rt=contain
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adea4fbe0d06734a8bf999e9755dc5a75fe59f81f7bc96c16ff863888cf2bf6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 09:19:12 GMT
api-supported-versions
2.0
server
cloudflare
age
51415
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
828408a73a25020d-ZRH
content-length
1498
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 3ECB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F4b2e725c-1100-4661-9e47-7d98259944bc.png&w=316&h=237&q=99&f=webp&rt=contain
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
debd11fb5d53c51551327e0b492e4f7bdd7fd92def38bcbc3574df784b327e9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 12:54:30 GMT
api-supported-versions
2.0
server
cloudflare
age
38497
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
828408a73a29020d-ZRH
content-length
12092
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 3ECB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2Fd3bc406b-e9da-4faa-b2a9-03d21dd7d364.png&w=80&h=33&q=99&f=webp&rt=contain
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d3fa23649efb93279fb6f716dee0c9f96e65042e8a7e579c25500471734e15

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 23:03:52 GMT
api-supported-versions
2.0
server
cloudflare
age
1935
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
828408a73a2c020d-ZRH
content-length
1500
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
301871cb-4ee2-47fb-a505-d8a1e2677930.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 3ECB 		152 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/301871cb-4ee2-47fb-a505-d8a1e2677930.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lx/tqoPhxe1djqV9/qEdwQ==
age
1877
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 13:23:17 GMT
server
cloudflare
etag
W/"0x8DAA08B70B1F9D9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8e0cfec6-801e-0088-1599-0c082f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408a73a2e020d-ZRH
7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 3ECB 		361 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
RUbP+sQxMgp/o5unKdEvSg==
age
1881
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 12:36:07 GMT
server
cloudflare
etag
W/"0x8DADD069B8C58B6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f1c0ed91-701e-009c-372f-0d4040000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408a73a2f020d-ZRH
/
c.bannerflow.net/tr/v2/pixel/ Frame 9042 		0
81 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cff01843eb9eeda766b78?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstzpELAY33axbGxxZaUtztJTa6jjSEa9TQ8T9N6Heg1JllraAtwPGIZtPwg0xuDYY9kmEnWF329ofbeo_pwn5N6NKFV4s9bp_sCCLA4FyrCNEJ9Dji3pFN193omtpmhYRUbs5eN3mbefY07To_RqWYkiORq20n7DD97ztMjWYIt0vM0tKOY8RAvMezTLy8IquNodL9cJRo5cQIuvQVcce8jBZ7FJHBQ6g9IM4zlRGPAwMmLedWATU6c9ZcYLNRCdUvuyUHjR7L2H8UVJbz4T6_RTkkF17YG70koryMPvV1OAaVxZSQlLj3TJDRMzKTn6gJVWUw2wa7hVAnnLD8GutZWbG1cH-fys1bFlljwzICnvFcIDF5ZecwVxnkIlhAtFHOsyx1fmtc2WyWuixtmEZCLzRc9WeIanlYs02Lhd-iYcl1XmqQMMf51wek7dNvDQWMi-pr88YN4Z1sAdYKRa7xtTiS2RLjJJ5rdlrofXLiIupZf3StxoDzoyiVCu0kXhEZYxFhuFyxXDldAfHWiu8msCYHZZrvCGOi6nnzSVH1w5rDVmbHa7OP64hjhhLIdDrebbwU9RTklg63jLcvF0oKwcVssoQ2ZCMYJRYMHml8AehqZiXCwMAOTZwn-gCMn0fkjdcV7OUTmylpdWe-davc_54SFSTsFPtJ0reLDVsMtLwi07YvpH6WannxF6To3NupOwKCwTWK7HbY2zaZeJrV4LcDhFd0s7HaskRw1yzzDE_m3mciv77fyvdZt2aw80pYmI3oTFyjbrtxBEqn75dD0NfcYzQ5JRC7L-NjV_lnbO8WhzyG4XQSeuGF-WcYBlogvOT1-dHecUb_NKzTqu4-YKaUOvE3lOIXPNeCMjkRqAo3j7fBc7hn_3oQ9bbvlui_jyxUeuW5Htl5yX2uIH62I5IaODCvc76au6mRjHG8y4tT5qdsHKtelcnwRnaXbC40d5J7RpqzoTmgQLSD8ybSWYr-20dxcMDJBdk8MwCWsNsiqsH9DU7YPV1flmyrRKXPxmotL7JvCacPFkoYmGtws2zivz7656fLOsIRY6kodNiNZcI3ptsvEuImFsAdxrFuV6tA6mh29c4AwI89-f7HYOJvhAV-8vSfQSQeCdKdULENXvw0nMQrhK9AiW3gLzcGT3Z_h1TLFI-76KUWuIanSvyFc2sHFE2acaNI9bu0Ng3FSrp_RW6rdje2al7kr1WhXJzS_x0o8xvCXeTz5PfrFGYv1jCi88lVWkzNRDGKZVNlqzid4ijlEdExsT1e75qhqVF-Q3tvvCiyFFM38Oz86DD-WktrRhIh9aRfwwgGsH-oooETHwZAh0v5tO4O1Qa63r2nI_CcXpq9jhLrhPwxgz8vmmtV5Y5_QoAuf0K1EKaX1F9R95k_5LL-egWbJ54FN8ZgrW6o_uiex7nydifQGGamJ1AMlxQLtTii6nYl0C6ngHzFf4sS31-0XSns%26sai%3DAMfl-YSdoKT_QqZhXn-E-CX_I66zkr9h7y3_rTK3BC4qgFaOVajbdn2orrkVFgAdWOyhzM0zkng-UYrBw6Oyd-iiHMeUtoxe6DPTouUZD1kEH-xThLa15yaAyTpOZUfgBhkTAR6wEdA2vSYIqPc12b7aTZ2291HrIiB8k9zbxJ2G9A1TsO2HUJLkdiHDqCiOXa86zJ-zp4icRKZxPZvLE93Ap4zML3JN6Bv-E8cmubCyUnke4vNK3p_vW4igoPAp7uy3iCEvA3psUwFR223aqdorr5o_fSl3g9bQETU02a0jkTMr%26sig%3DCg0ArKJSzN_-VtI2F89eEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
828408a7bb09020d-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:07 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame 604E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=noextension&lid=143&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=640885188261767&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 604E 		453 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-1290995901905588
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:54:21 GMT
x-content-type-options
nosniff
age
2506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:44:21 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 604E 		42 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CJrnkYkpZZZOJNoWL9fgPms2iiAq93_zyc5HnpbyHEvfSor3AARABIIDP1Hxg9Y2_gagEoAHEw572A8gBAakCY4pXHjzxsj7gAgCoAwGYBACqBPUDT9D7QsVP28IZwi7ZsKZqstEFjuXgfP9JI5eGVmZ80AkYu4Kv-7C9WsxNHoU-NFY6XIOvd8WM3oaCgOlJWpsnWjaFSNynnybXtLftF5RM-lFc0pZBYYddWGVUY2y9orlwAVbxUBm0D-e1_a6_0fFTvoLR9kzvyswNLSjFXqGWccgXk09U9Ocs0RFJ78tjcPo7u0Ln53SDuS6M6mRULD4hadMhY70Sh2Xeg4yA2bOIQF8QCF3PHKxsw8OsdUUOBiuxSX7fIh4y0Byiiz4b1PtTGKnBY7AD7cTNJr2uLjJ7Ys94U8db6dxUOWGFjVmHNht40_xaVfE8rqW1u2s54H1P25I_0UUEQ5VcA3AhRGQzfvpC0FHF6XhanAhXoP2aBFBT8Tg3tdqV0Mcl1nTF7kCNoe19t-DmOlTo1y6aDxdYWn3qjoSHjAQh2AnC3HOJ1TH9_nCU_-O3Mre7Xf2E4TWFQN11CZd0N4tomdwWQjujipU2P-2XUqNiZLVW54fMGzRibVEdv-wRw94NMTKZ1YDmP23YtKBtaFMWbfLgMB9Fp5jKvZF1NconUle5aM6EOxwqbjs23T8JHyzGqRAoBOWEaAAilcG7K9qpMHK8k_vgr_j8J9CQK-ZNBUVLl4TgCi3Fo36DZlNDJmKk1BXbtd9Wz0IlcIVbwAT64MDdtwTgBAGIBYvQ54tLoAZUgAekvOEJqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqxCSh7SJT2GJXfgAoDmAsByAsB0AsOogwUKhIKEOS0sQLutbECtbixAru7sQKaDQEOqg0CQ0jIDQHiDRMIv8GsutvOggMVhUUdCR2apgih2BMM0BUB4hYCCAH4FgGAFwE&sigh=EG0TJYN_GWI&label=show_ad
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:07 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 604E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CqUicYkpZZZOJNoWL9fgPms2iiAq93_zyc5HnpbyHEvfSor3AARABIIDP1Hxg9Y2_gagEoAHEw572A8gBAakCY4pXHjzxsj7gAgCoAwGYBACqBPIDT9D7QsVP28IZwi7ZsKZqstEFjuXgfP9JI5eGVmZ80AkYu4Kv-7C9WsxNHoU-NFY6XIOvd8WM3oaCgOlJWpsnWjaFSNynnybXtLftF5RM-lFc0pZBYYddWGVUY2y9orlwAVbxUBm0D-e1_a6_0fFTvoLR9kzvyswNLSjFXqGWccgXk09U9Ocs0RFJ78tjcPo7u0Ln53SDuS6M6mRULD4hadMhY70Sh2Xeg4yA2bOIQF8QCF3PHKxsw8OsdUUOBiuxSX7fIh4y0Byiiz4b1PtTGKnBY7AD7cTNJr2uLjJ7Ys94U8db6dxUOWGFjVmHNht40_xaVfE8rqW1u2s54H1P25I_0UUEQ5VcA3AhRGQzfvpC0FHF6XhanAhXoP2aBFBT8Tg3tdqV0Mcl1nTF7kCNoe19t-DmOlTo1y6aDxdYWn3qjoSHjAQh2AnC3HOJ1TH9_nCU_-O3Mre7Xf2E4TWFQN11CZd0N4tomdwWQjujipU2P-2XUqNiZLVW54fMGzRibVEdv-wRw94NMTKZ1YDmP23YtKBtaFMWbfLgMB9Fp5jKvZF1NconUle5aM6EOxwqbjs23T8JHyzGqRAoRue1-pSYTosq8J4j2HkIe-VERdxY5aK0IT1HK13GEXbEruVsjVKb8NyAbPNdCAX4rUfNP0mRwAT64MDdtwTgBAGIBYvQ54tLkgUQCBIQBRgPMLmujNG2reODVqAGVIAHpLzhCagH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwMQqASoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJPGh0dHBzOi8vd3d3LmFzc3VyYS5jaC9kZS9wcm9kdWt0ZS96dXNhdHp2ZXJzaWNoZXJ1bmdlbi9yZWlzZYAKA8gLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwRCgsQkLf7uZ681oOdARICAQPiDRMIv8GsutvOggMVhUUdCR2apgihwhMGGMTDnvYD2BMM0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTg1NTE0OTk5ODkwMzk3Nhi7iXY&sigh=u6p16JISiGk&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSPADICaaNOR_ySqXO3rJQ6SwIoHoAI7gTgb-4V2BWut7eHxadyfjAfV-pYqV7SsoJDTRws1VK9uHyS1yHFBgB&vt=10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0AF 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=298086784363&version=m202309260101&ct=76&x=1&cor=936159297289832400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lp4otm0r&c=3201706815534&slotId=1600853407767&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.flv
r2---sn-1gi7znek.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/sign...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/ip,ipbits,expire,id,itag,source/signature/5537E6BA8564AE3948...
  • https://r2---sn-1gi7znek.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,sou...
0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-1gi7znek.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B028ED6E7347612634E460DBF18CE4CB9D37E04.07D8EEAC7D3AD9DEF699EEB09ED792547F17FC59/key/cms1/cms_redirect/yes/mh/9f/mip/31.164.63.86/mm/28/mn/sn-1gi7znek/ms/nvh/mt/1700350342/mv/m/mvi/2/pl/15/file/file.flv
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
HTTP/1.1
Server
74.125.108.199 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:08 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-1gi7znek.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B028ED6E7347612634E460DBF18CE4CB9D37E04.07D8EEAC7D3AD9DEF699EEB09ED792547F17FC59/key/cms1/cms_redirect/yes/mh/9f/mip/31.164.63.86/mm/28/mn/sn-1gi7znek/ms/nvh/mt/1700350342/mv/m/mvi/2/pl/15/file/file.flv
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
611
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8849 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2282773991025286&bg=!PzylPHPNAAZxrfrxUa07ADQBe5WfOHdIyuHYT5dF9KDZdZL6PZ5g50M77Sznq3Kx_62vt4FEoKBLK0rOxVQebBitpS1eAgAAAG1SAAAAA2gBB5kCyTiBmTcS-WSe5T9y7Q6eD9hmjM2l1NY1jM-VGLF7Mfg8T1u4mBiNTzQsaZq5gpAyPhXNFz4Tkm4SH3TV7f0THQJXrU_G-pEtUrAWyD7uCCh8hU05NbuFqe15sQSt95uj2Dku9DBerr3nfMQRIbknfpE0wHx35doTpiF0pzWHz4xiJX8wTWd899xIMIKZzDEUSy_h3FwGnTpJ5tPHEOCJSTkMDdM2yHXUDIb6k2XYHa4JiNH57yEvA4AcQ_9GY4Za3DGGf7PUvPliM3IFPfOuPcmtY1ENSyPMusgDM6LrAgzqK75SjqGeI8_24L0iavrEV67Z38ORfO7XekhUoe4GoonN8m5AHHFWYfQVwMzZBth53dTs0DHFea1tT1N7PnyirWbB0Qj-23jjDZ6IRfD5Kz9ht0NB08QPaLz_XAzHkxr0N8REJiDg0h-cYV3SP6Lx17OoTVB5mPddNcMzBwdA8HMKoZNsD5RozSIyQXtkvwn1HPFSdXxMyX-z99B475_ucyDIiStjf9NLDdPXBKp4PiAsJybZ2SwdOPLP0tuzG4rdQMR3CZ8W6Wl1uEMperoRUCMhGP3MPssdC7tJDbDuuCOyaiOKUeljEZcDV9DM6wGXyjTKWsTPuLv9NU50mIlhpWz-JvUeOCnq3NmSJBFLUfXg0yZa50TWC4IOjaP9WS-v81HIf9O5ABQLQJY9SttNykKFrBe098giX6m1y9Bo5QPfa84vqm84RS0fK0CYngV1oFhCwAA31xJlOk2iv91t6NvbY1UCmQa5JPmHAveJZVsryUpv-YWdrSSpTl8VDulDd7_W_ZX7A6w0vNLu2rV9Wr3EGyXoeLo6gE-GbHHi0WalULtLAw8c96ifC2aqu84sH9EtJVBR8IK2-_uXG1OmIZToQobHsvhqQrN7-MbO-8OZ5ujcLl3uFjRmeY8w1XdNL44P15dMV04F
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 2F29 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16431734&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
74e1bec92cfb3c7502f1400de9911ba46b2d2575c4a5a7b164a9df4f8f72e3b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 18 Nov 2023 23:36:07 GMT
content-length
1239
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 65DB 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:08 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0A04
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=02efd0e7be4ad52e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=b42411558eb6cc58e7e7aeca5e1efa25&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaXnMQanThnWgQVXn&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaXnMQanThnWgQVXn&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 23:36:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaXnMQanThnWgQVXn&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame D5F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 18 Nov 2023 23:36:08 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 69A1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E8792D6D8EDA461797697F729A7C99E1&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E8792D6D8EDA461797697F729A7C99E1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:36:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 18 Nov 2023 23:36:08 GMT
expires
Fri, 17 Nov 2023 23:36:08 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E8792D6D8EDA461797697F729A7C99E1&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 5020
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8419406205
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8419406205
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 18 Nov 2023 23:36:08 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 18 Nov 2023 23:36:08 GMT
etag
RX22ae08b3f0d1462087b443f858a36259003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8419406205
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
C5463CF2-8511-4A81-B5E9-27264C2643DF
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 94A0 		0
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
828408aa3c5801b7-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:36:08 GMT
server
cloudflare
vary
Accept-Encoding
mw
mwzeom.zeotap.com/ Frame 2F29 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
828408ad4fed702f-CDG
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 2F29
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C5463CF2-8511-4A81-B5E9-27264C2643DF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C5463CF2-8511-4A81-B5E9-27264C2643DF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C5463CF2-8511-4A81-B5E9-27264C2643DF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:11 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:11 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C5463CF2-8511-4A81-B5E9-27264C2643DF&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2F29
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C5463CF2-8511-4A81-B5E9-27264C2643DF&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8583faeb368b46f6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b42411558eb6cc58e7e7aeca5e1efa25&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:08 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E4AE 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82040297&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 18 Nov 2023 23:36:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame FFAC 		47 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45163184&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 18 Nov 2023 23:36:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
sync
ads.servenobid.com/ Frame AED8 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.122.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-122-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sat, 18 Nov 2023 23:36:08 GMT
usersync
usersync.gumgum.com/ Frame 4D3B 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 18 Nov 2023 23:36:08 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame C2AD 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C5463CF2-8511-4A81-B5E9-27264C2643DF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 18 Nov 2023 23:36:08 GMT
Expires
0
Pragma
no-cache
view
googleads4.g.doubleclick.net/pcs/ Frame 3D8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTKYopB3-0kOOCXD5vQz3-1uBkaT28IZrX6AcLWy-4cGe79vjNQCt5qNkSAjNRLCm66eD5e3fYlLNZyi8u-sEiFPv7P0E4D0b1AkQBIi2ULhGKQBRxuwBjnWM7aWUsrTSlRawMku0n5G2KB98Gh2BiUAnvQ3mi1udF7mhPJoNjY9zbLn1e3hGOZIjHHEUrjLior4feWohYxmMJ76_J9Enyows0reUGvCppMmHYbWFSl_4cWqkEM7OoHrhFstCJlM3TnOaljX_00QG4zCxGuSFUI1X1rYAZc40amPP3cs8vZ-a_LupGOKEEuDjh5B7cgb8ZwPycgJVDPnkrqfZ9YtmgSa6GC29vaiNs8KgJRkZCXNBgkIU5kN7EY2IDrJX6njy6leCLpNER3tQIg7RqEVDpXcW02yl0_bFvfNE1qFvHenIuCfeQCnbbkaweSi3z72OqtZVwruYAc9PKxDUVeNxbR-xTqBKUDw-ZGNy0iXAZwstSjE5dW1Jcl_A7HDSSTxsdnrCSOMue7mmB1BewImTIz6PtYUYN39NkQdE30j4m0QxhDvoXttr2jvQmegqNfqVo79rcAXjPXdihJVtjUlZm_A2dvCKy0n4-zLIesU3FHM_HNTG48T37GYGISf-mYhT29BnnMCWnkB-Uw1mzfmRIiD0ayMigvRH1HNhOdlzPUK-NRfa9EBufXftv2s857wAbObtRFxLf90IV5JWGvxvNoA2DFFI_HrE7udsObB0wuwJaYgTdQHiJvvQf_GMCKEoC1n24wfb-QOylBZFUgXdGEwgLxQjrj1NjTvCds40DWGHmkssoXrlYi7FbCO5FiP6kf_A0o3c0NR03RAcLYyR_tzjoFMuQKRGVlFv4H4VNnPR_1tydqVfX0vu9d-0xt3P73dUGvOnd1Y5x1OcF0FsTpCj_jbFLarJ1t0e_fN2QuFCukjGjs53ScJkVqXKMo2WKjd5WbB539dhxSZlNKFPdHmnlHFuf_V7UtAJ-Ic9WUQyQbrIglsngIUYMUpxLanOk3LQdqZrB9nX3ySDyaBOLtmjpXp3rQ2Sn8WMA2mpshHnMlAFOkFaYKEWULF0gHIgo5UYSwWAVt7ztq3ujrDiptg9CvX5TQJjoqeACY6yUmtojGyZyiGXwEYjvTVn1LD8nxmI6z0famxfvdJqqDo53tvSJcmzCgYv0rrHvay7VA3sZ7T03NyRDv-BC--u3tkYGEJCSzj9O-iEgP9DAWJ4m386oKMRTvATI45GILwXAOqiqn48UtQARbgfXR9zDIxojdjIvddZTgZxaitYVn6-ElrG9kyGVjxjsGpoobP7f_poyFIshY5ejtyb-MAtx1EAcUIcCVPUnRyhniveWJCycW09vaya6WYLP4QDHZxoj9B2vebpvbzqYGm74TqZR2Q7fHqJb-dNxQ6BAsztIc5j6XzpG447sZd-Ff3bJ__I4fwWaxy5E5fBsP7NQW872VBRep8JcW3oYCJUnz1VjCtLdXPNsEPQ-Ssgfevqkg9nRXxnDWcmu530md7Rh2Vgu6myWSwcz5EZQNwWcnZQY9vOfxu43Swf0BhqCwQ&sai=AMfl-YR2VU_sqw_E4BAed-BN39fhyDUhcrB4kfzSnF8V4CZULNz6BvGE87nt85m6Px-SI3ozbCxeidrjp1USCpOhXpnw9nzu6bQn_V5fuKtzdy-y1o47UYpG8EC7rKWLkYzm0iDGTW6UoqMBsZ7di9tZ-364KsRNBSEV5nFUYz3lmZyySYyFnB0ZFZzm7czG9Ltosman3hSz02kXOEr1KQ-zVBCFOmNu_WQHDR6xayNKRrDiSvTJKUoe918PxzRMKp4ugANbz9R7A5d8GznCkgFr6f-ppNnz7zBwWg&sig=Cg0ArKJSzCzrb36axtf9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=6111&vt=11&dtpt=5010&dett=3&cstd=6104&cisv=r20231109.41158&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_interest_rate-1-DECH-300x250-638330445275979907-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html
s0.2mdn.net/sadbundle/7196943425541767168/ Frame 38AD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7196943425541767168/CH-DE_interest_rate-1-DECH-300x250-638330445275979907-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
cc25262f1277646f3a456c79946112b106b0b8b47bcf9abe3add99c8a8f1761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
433561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1417
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 23:10:07 GMT
expires
Tue, 12 Nov 2024 23:10:07 GMT
last-modified
Mon, 16 Oct 2023 09:15:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
652cf45a843eb9eeda7667ce
c.bannerflow.net/a/ Frame 38AD 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652cf45a843eb9eeda7667ce?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstYVF9GLSqPOdBmqbVsz-9boPy2rmJ5O_dqqVBTcxRxQ-ieKP-6wrgN8qcp3KUPq7o4RC9_wW_3Yi_S4SjzAiW7VmJJMXAFMz63fw8rwWRMQCAaM1r9b0mwtLPR3WkkLa5C_S30u3IgW0ue7P-WmB8etTskvP74FsDKMkFAitkeU-uzJn0iBhthPEp2LRgQPMKMmPBjTd9kDW-6qG3p1jYE-UUUbMBaU03sYD0veyLczneptZRBXjHu52cldsObD-loNSaxiM3KDENdFoG15tIMjBbLXCnPsOwnd3rsvWIDSvSFgnIAECkmz5StTLk2Sa5iX8AXZJkIBT-ofBZQKBwxuR8xcEZdjxQnYaSFNw2aaaDe1gNJFMDm46s9CaYV5tRqU7sFQYaV6feI501SC5m_GcATs6xIEBiwVAcRWi0aahjIae_ehD3hb-5M0gPW_vdeb_GXSelNZ9JPzmG6wkuSfu5beuDuBUijqGWPzZ4qgVFGCPEg1yhcnNYV2sLImcAEnK3N_xRKIa7D2fqiKuHJZ9qrGbbowWYnRBJGtrGeZCH_0x86ZXixc-wit1NR2BOZFh4ErgWVBrwuOgLNjoPyr8aw18u4C0yVCHVuFXzjvYcb_kcdVvH-_pWHigJ9C5GsN4hl2kRc3fqn-Ku9jYbnv17RWQl0lPGwi-g9BYWwFVBWDR76wLLU9ZoQ1Me6RbeI-e7G0f23j4TtMkKWMazarvuLW99wrzonAM5shHR7BiIKulnBN1ts7CGkK6yjGThCy0NsfMV00ZFM9d_V4pZmSCsjYDXDOGD1rMiWcluZClaLc7aeIBy9HBNVNu-FiJi9SJZwcjr8T7GdVet4QroE-x-e18qAxWLa3yff9vfHSY7mv5Ys1DK8l8VOGWrb3E3YPN9qCtT9rBfhEP8Heh5U3rMp8QoiyK42COSRxyfPaIFGFrKeh69BpCe22m03JLRGUmtTB59kvMoEy9OweKri0XLbQ-dK0aYIH7cjhjuBzUS5EGH-XeWHSfaemQdxK7k6ugrpl5D6q6rnlKLJBaL7VTTTbBionpEyHXEPwScFITsNBf0A5FHK2d4ajCAT8gtHQu6mzsQTpQHgsHl2ZYw8lvhbjqwGcFymD352p_hCTqeNtvhXAREmft59-nN88pu-6qkdsyI3ESRIyspXAcCvPhOmdBh6mDaMecPsHaYJRpg9cSAqQkYclyB-eDupXBEwWrr2nTaF8e0aUR6nEHiEzysRGOIqK8Onx62QPVk6WyTZtR7MFboSqq6oy4MtHd0XGsHOe6KcdSJcYp1qyBtGB9skS4IMDf0G8Dzc0Oi9gfJuQIx_9aoJvxpsaW7xCBBZfTc6A9bc1Q7N4hmsJbOcmr8FnkpMpQaipgqff_ugk8Qg-zz7SC6ay7XLM-zJkh8DZe4x3abXCTwUeHf8kBR-S4fz3XD6k916_-X0VYzO1oMgfB2Ye8RsQUVIptOjSpVjtOs4O98m1WVqWxC4Ak4SxyB9siDfvkTcZ268t7Wqd73xUCJxCesxNHhstct5JLw2LWqniMOaRHBgFofCHN29CeEuvNYJwPs7oA%26sai%3DAMfl-YQgPNI_fYz-7VXXGdn8-6TD2QPPWsuOTrcgxJbmEoqSM_yyb88OoWYDQ_Nxu2pu6p2B9Eq7oNb3Vz4vxeuoVMOJyQ6MCNTZR5ddva5pnfT8ThnPqhu8Hx0-OESHxmaYvNXr-fkvj8YnjjrVeOGW7GbCtTNxN934kJg__k0QrrBlWF37KKmb5mnw6n2jQYcqHmtNPekhygGcRX7nfVAj-MrbbIxHYBLluwUvJ_opQRrkJeKe_9cntm1mXlXJRH2qusfPBmHwkY4jtkMe92geKpykTW1TDvz2n0BySBTdw5Aj%26sig%3DCg0ArKJSzJcPuQzyld-oEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7196943425541767168/CH-DE_interest_rate-1-DECH-300x250-638330445275979907-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020dd7fe92b9461f5bb82193086cefa99a2f42862351e06226d39d7c0ea87f4f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 23:36:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
828408af4903020d-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
widget.73803a8d9d4f3ba312b4.js
c.bannerflow.net/scripts/ Frame 38AD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667ce?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstYVF9GLSqPOdBmqbVsz-9boPy2rmJ5O_dqqVBTcxRxQ-ieKP-6wrgN8qcp3KUPq7o4RC9_wW_3Yi_S4SjzAiW7VmJJMXAFMz63fw8rwWRMQCAaM1r9b0mwtLPR3WkkLa5C_S30u3IgW0ue7P-WmB8etTskvP74FsDKMkFAitkeU-uzJn0iBhthPEp2LRgQPMKMmPBjTd9kDW-6qG3p1jYE-UUUbMBaU03sYD0veyLczneptZRBXjHu52cldsObD-loNSaxiM3KDENdFoG15tIMjBbLXCnPsOwnd3rsvWIDSvSFgnIAECkmz5StTLk2Sa5iX8AXZJkIBT-ofBZQKBwxuR8xcEZdjxQnYaSFNw2aaaDe1gNJFMDm46s9CaYV5tRqU7sFQYaV6feI501SC5m_GcATs6xIEBiwVAcRWi0aahjIae_ehD3hb-5M0gPW_vdeb_GXSelNZ9JPzmG6wkuSfu5beuDuBUijqGWPzZ4qgVFGCPEg1yhcnNYV2sLImcAEnK3N_xRKIa7D2fqiKuHJZ9qrGbbowWYnRBJGtrGeZCH_0x86ZXixc-wit1NR2BOZFh4ErgWVBrwuOgLNjoPyr8aw18u4C0yVCHVuFXzjvYcb_kcdVvH-_pWHigJ9C5GsN4hl2kRc3fqn-Ku9jYbnv17RWQl0lPGwi-g9BYWwFVBWDR76wLLU9ZoQ1Me6RbeI-e7G0f23j4TtMkKWMazarvuLW99wrzonAM5shHR7BiIKulnBN1ts7CGkK6yjGThCy0NsfMV00ZFM9d_V4pZmSCsjYDXDOGD1rMiWcluZClaLc7aeIBy9HBNVNu-FiJi9SJZwcjr8T7GdVet4QroE-x-e18qAxWLa3yff9vfHSY7mv5Ys1DK8l8VOGWrb3E3YPN9qCtT9rBfhEP8Heh5U3rMp8QoiyK42COSRxyfPaIFGFrKeh69BpCe22m03JLRGUmtTB59kvMoEy9OweKri0XLbQ-dK0aYIH7cjhjuBzUS5EGH-XeWHSfaemQdxK7k6ugrpl5D6q6rnlKLJBaL7VTTTbBionpEyHXEPwScFITsNBf0A5FHK2d4ajCAT8gtHQu6mzsQTpQHgsHl2ZYw8lvhbjqwGcFymD352p_hCTqeNtvhXAREmft59-nN88pu-6qkdsyI3ESRIyspXAcCvPhOmdBh6mDaMecPsHaYJRpg9cSAqQkYclyB-eDupXBEwWrr2nTaF8e0aUR6nEHiEzysRGOIqK8Onx62QPVk6WyTZtR7MFboSqq6oy4MtHd0XGsHOe6KcdSJcYp1qyBtGB9skS4IMDf0G8Dzc0Oi9gfJuQIx_9aoJvxpsaW7xCBBZfTc6A9bc1Q7N4hmsJbOcmr8FnkpMpQaipgqff_ugk8Qg-zz7SC6ay7XLM-zJkh8DZe4x3abXCTwUeHf8kBR-S4fz3XD6k916_-X0VYzO1oMgfB2Ye8RsQUVIptOjSpVjtOs4O98m1WVqWxC4Ak4SxyB9siDfvkTcZ268t7Wqd73xUCJxCesxNHhstct5JLw2LWqniMOaRHBgFofCHN29CeEuvNYJwPs7oA%26sai%3DAMfl-YQgPNI_fYz-7VXXGdn8-6TD2QPPWsuOTrcgxJbmEoqSM_yyb88OoWYDQ_Nxu2pu6p2B9Eq7oNb3Vz4vxeuoVMOJyQ6MCNTZR5ddva5pnfT8ThnPqhu8Hx0-OESHxmaYvNXr-fkvj8YnjjrVeOGW7GbCtTNxN934kJg__k0QrrBlWF37KKmb5mnw6n2jQYcqHmtNPekhygGcRX7nfVAj-MrbbIxHYBLluwUvJ_opQRrkJeKe_9cntm1mXlXJRH2qusfPBmHwkY4jtkMe92geKpykTW1TDvz2n0BySBTdw5Aj%26sig%3DCg0ArKJSzJcPuQzyld-oEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
kV2TaSme3zjoMC7eKEPqvg==
age
1468960
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Apr 2023 08:06:09 GMT
server
cloudflare
etag
W/"0x8DB35AC9D3707B1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0700ea23-b01e-002a-621b-0d3236000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
828408afea45020d-ZRH
document.0000001577DB34.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195008/5405215/ Frame 38AD 		82 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195008/5405215/document.0000001577DB34.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667ce?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstYVF9GLSqPOdBmqbVsz-9boPy2rmJ5O_dqqVBTcxRxQ-ieKP-6wrgN8qcp3KUPq7o4RC9_wW_3Yi_S4SjzAiW7VmJJMXAFMz63fw8rwWRMQCAaM1r9b0mwtLPR3WkkLa5C_S30u3IgW0ue7P-WmB8etTskvP74FsDKMkFAitkeU-uzJn0iBhthPEp2LRgQPMKMmPBjTd9kDW-6qG3p1jYE-UUUbMBaU03sYD0veyLczneptZRBXjHu52cldsObD-loNSaxiM3KDENdFoG15tIMjBbLXCnPsOwnd3rsvWIDSvSFgnIAECkmz5StTLk2Sa5iX8AXZJkIBT-ofBZQKBwxuR8xcEZdjxQnYaSFNw2aaaDe1gNJFMDm46s9CaYV5tRqU7sFQYaV6feI501SC5m_GcATs6xIEBiwVAcRWi0aahjIae_ehD3hb-5M0gPW_vdeb_GXSelNZ9JPzmG6wkuSfu5beuDuBUijqGWPzZ4qgVFGCPEg1yhcnNYV2sLImcAEnK3N_xRKIa7D2fqiKuHJZ9qrGbbowWYnRBJGtrGeZCH_0x86ZXixc-wit1NR2BOZFh4ErgWVBrwuOgLNjoPyr8aw18u4C0yVCHVuFXzjvYcb_kcdVvH-_pWHigJ9C5GsN4hl2kRc3fqn-Ku9jYbnv17RWQl0lPGwi-g9BYWwFVBWDR76wLLU9ZoQ1Me6RbeI-e7G0f23j4TtMkKWMazarvuLW99wrzonAM5shHR7BiIKulnBN1ts7CGkK6yjGThCy0NsfMV00ZFM9d_V4pZmSCsjYDXDOGD1rMiWcluZClaLc7aeIBy9HBNVNu-FiJi9SJZwcjr8T7GdVet4QroE-x-e18qAxWLa3yff9vfHSY7mv5Ys1DK8l8VOGWrb3E3YPN9qCtT9rBfhEP8Heh5U3rMp8QoiyK42COSRxyfPaIFGFrKeh69BpCe22m03JLRGUmtTB59kvMoEy9OweKri0XLbQ-dK0aYIH7cjhjuBzUS5EGH-XeWHSfaemQdxK7k6ugrpl5D6q6rnlKLJBaL7VTTTbBionpEyHXEPwScFITsNBf0A5FHK2d4ajCAT8gtHQu6mzsQTpQHgsHl2ZYw8lvhbjqwGcFymD352p_hCTqeNtvhXAREmft59-nN88pu-6qkdsyI3ESRIyspXAcCvPhOmdBh6mDaMecPsHaYJRpg9cSAqQkYclyB-eDupXBEwWrr2nTaF8e0aUR6nEHiEzysRGOIqK8Onx62QPVk6WyTZtR7MFboSqq6oy4MtHd0XGsHOe6KcdSJcYp1qyBtGB9skS4IMDf0G8Dzc0Oi9gfJuQIx_9aoJvxpsaW7xCBBZfTc6A9bc1Q7N4hmsJbOcmr8FnkpMpQaipgqff_ugk8Qg-zz7SC6ay7XLM-zJkh8DZe4x3abXCTwUeHf8kBR-S4fz3XD6k916_-X0VYzO1oMgfB2Ye8RsQUVIptOjSpVjtOs4O98m1WVqWxC4Ak4SxyB9siDfvkTcZ268t7Wqd73xUCJxCesxNHhstct5JLw2LWqniMOaRHBgFofCHN29CeEuvNYJwPs7oA%26sai%3DAMfl-YQgPNI_fYz-7VXXGdn8-6TD2QPPWsuOTrcgxJbmEoqSM_yyb88OoWYDQ_Nxu2pu6p2B9Eq7oNb3Vz4vxeuoVMOJyQ6MCNTZR5ddva5pnfT8ThnPqhu8Hx0-OESHxmaYvNXr-fkvj8YnjjrVeOGW7GbCtTNxN934kJg__k0QrrBlWF37KKmb5mnw6n2jQYcqHmtNPekhygGcRX7nfVAj-MrbbIxHYBLluwUvJ_opQRrkJeKe_9cntm1mXlXJRH2qusfPBmHwkY4jtkMe92geKpykTW1TDvz2n0BySBTdw5Aj%26sig%3DCg0ArKJSzJcPuQzyld-oEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
471ab36d909cc2ee64c15c2c707a2e9539369a95c51fc280d6edae4741704102

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
YwDHnravjixK6Z04eWhjZg==
age
1460536
cf-polished
origSize=88624
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 17 Apr 2023 10:52:51 GMT
server
cloudflare
etag
W/"0x8DB3F31E418E009"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f1c1ea89-701e-009c-442f-0d4040000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
828408afea47020d-ZRH
animated-creative.a3eb65849827099c4ed2.js
c.bannerflow.net/scripts/ Frame 38AD 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667ce?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstYVF9GLSqPOdBmqbVsz-9boPy2rmJ5O_dqqVBTcxRxQ-ieKP-6wrgN8qcp3KUPq7o4RC9_wW_3Yi_S4SjzAiW7VmJJMXAFMz63fw8rwWRMQCAaM1r9b0mwtLPR3WkkLa5C_S30u3IgW0ue7P-WmB8etTskvP74FsDKMkFAitkeU-uzJn0iBhthPEp2LRgQPMKMmPBjTd9kDW-6qG3p1jYE-UUUbMBaU03sYD0veyLczneptZRBXjHu52cldsObD-loNSaxiM3KDENdFoG15tIMjBbLXCnPsOwnd3rsvWIDSvSFgnIAECkmz5StTLk2Sa5iX8AXZJkIBT-ofBZQKBwxuR8xcEZdjxQnYaSFNw2aaaDe1gNJFMDm46s9CaYV5tRqU7sFQYaV6feI501SC5m_GcATs6xIEBiwVAcRWi0aahjIae_ehD3hb-5M0gPW_vdeb_GXSelNZ9JPzmG6wkuSfu5beuDuBUijqGWPzZ4qgVFGCPEg1yhcnNYV2sLImcAEnK3N_xRKIa7D2fqiKuHJZ9qrGbbowWYnRBJGtrGeZCH_0x86ZXixc-wit1NR2BOZFh4ErgWVBrwuOgLNjoPyr8aw18u4C0yVCHVuFXzjvYcb_kcdVvH-_pWHigJ9C5GsN4hl2kRc3fqn-Ku9jYbnv17RWQl0lPGwi-g9BYWwFVBWDR76wLLU9ZoQ1Me6RbeI-e7G0f23j4TtMkKWMazarvuLW99wrzonAM5shHR7BiIKulnBN1ts7CGkK6yjGThCy0NsfMV00ZFM9d_V4pZmSCsjYDXDOGD1rMiWcluZClaLc7aeIBy9HBNVNu-FiJi9SJZwcjr8T7GdVet4QroE-x-e18qAxWLa3yff9vfHSY7mv5Ys1DK8l8VOGWrb3E3YPN9qCtT9rBfhEP8Heh5U3rMp8QoiyK42COSRxyfPaIFGFrKeh69BpCe22m03JLRGUmtTB59kvMoEy9OweKri0XLbQ-dK0aYIH7cjhjuBzUS5EGH-XeWHSfaemQdxK7k6ugrpl5D6q6rnlKLJBaL7VTTTbBionpEyHXEPwScFITsNBf0A5FHK2d4ajCAT8gtHQu6mzsQTpQHgsHl2ZYw8lvhbjqwGcFymD352p_hCTqeNtvhXAREmft59-nN88pu-6qkdsyI3ESRIyspXAcCvPhOmdBh6mDaMecPsHaYJRpg9cSAqQkYclyB-eDupXBEwWrr2nTaF8e0aUR6nEHiEzysRGOIqK8Onx62QPVk6WyTZtR7MFboSqq6oy4MtHd0XGsHOe6KcdSJcYp1qyBtGB9skS4IMDf0G8Dzc0Oi9gfJuQIx_9aoJvxpsaW7xCBBZfTc6A9bc1Q7N4hmsJbOcmr8FnkpMpQaipgqff_ugk8Qg-zz7SC6ay7XLM-zJkh8DZe4x3abXCTwUeHf8kBR-S4fz3XD6k916_-X0VYzO1oMgfB2Ye8RsQUVIptOjSpVjtOs4O98m1WVqWxC4Ak4SxyB9siDfvkTcZ268t7Wqd73xUCJxCesxNHhstct5JLw2LWqniMOaRHBgFofCHN29CeEuvNYJwPs7oA%26sai%3DAMfl-YQgPNI_fYz-7VXXGdn8-6TD2QPPWsuOTrcgxJbmEoqSM_yyb88OoWYDQ_Nxu2pu6p2B9Eq7oNb3Vz4vxeuoVMOJyQ6MCNTZR5ddva5pnfT8ThnPqhu8Hx0-OESHxmaYvNXr-fkvj8YnjjrVeOGW7GbCtTNxN934kJg__k0QrrBlWF37KKmb5mnw6n2jQYcqHmtNPekhygGcRX7nfVAj-MrbbIxHYBLluwUvJ_opQRrkJeKe_9cntm1mXlXJRH2qusfPBmHwkY4jtkMe92geKpykTW1TDvz2n0BySBTdw5Aj%26sig%3DCg0ArKJSzJcPuQzyld-oEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9145a1b5941a698cff3ad558184cd813710a61ea765201ee9465fd2cd8cae663

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Js5dw7R7Itopo9K+HMhbDQ==
age
955603
cf-polished
origSize=159709
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 09:04:44 GMT
server
cloudflare
etag
W/"0x8DB3BFE201FAE72"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
44e99421-701e-0068-1ac7-11b343000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
828408afea48020d-ZRH
truncated
/ Frame 38AD 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
ee511e07-f5fd-4e20-a754-7e99417975e5
https://s0.2mdn.net/ Frame ED46 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/ee511e07-f5fd-4e20-a754-7e99417975e5
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame 38AD 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%21%25.089ACDEFHIMSVZabcdefghiklmnorstuwxz%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7196943425541767168/CH-DE_interest_rate-1-DECH-300x250-638330445275979907-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5778a9de20dae21fa64322883db543032780472ff39d40dd9091bc19b9312236

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:09 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 12:44:48 GMT
server
cloudflare
age
1507881
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
828408b2fdc401f8-ZRH
expires
Thu, 31 Oct 2024 12:44:48 GMT
021777fe-341b-416a-97a2-eb2576dc6474.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 8A85 		205 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
zS+vYkrSP7hxgCQn7kIbEQ==
age
2260
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 10:04:50 GMT
server
cloudflare
etag
W/"0x8DADCF178F32AE4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a05c3fa4-201e-0038-1576-0c49e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408b3786b020d-ZRH
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 8A85 		217 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
2315
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408b3786f020d-ZRH
optimize
c.bannerflow.net/io/api/image/ Frame 8A85 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F58af53bf-eeca-44d7-8f2a-492e842ef22e.png&w=304&h=383&q=99&f=webp&rt=contain
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21169f14539add188cba93f0c979745f100a982228a38c4a8d16e159df6b083e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:09 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 08:29:42 GMT
api-supported-versions
2.0
server
cloudflare
age
54387
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
828408b37870020d-ZRH
content-length
11988
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 8A85 		361 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
RUbP+sQxMgp/o5unKdEvSg==
age
1883
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 12:36:07 GMT
server
cloudflare
etag
W/"0x8DADD069B8C58B6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f1c0ed91-701e-009c-372f-0d4040000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408b3988b020d-ZRH
56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 8A85 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
4OwxmLD3WpKVbCNL8a+B+w==
age
2825
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 10:19:31 GMT
server
cloudflare
etag
W/"0x8DADCF38623156A"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
05bf2122-d01e-0013-40d8-11f1df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408b3988c020d-ZRH
5f0cc027-74c7-49d1-9005-00c789919828.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 8A85 		158 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/5f0cc027-74c7-49d1-9005-00c789919828.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d37d5154f46e118abb3adead8557c6094198e959b823fdd29aa224aa90ab87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
dnEdZ6svKhXcW8lZfJOunQ==
age
3564
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 08:22:57 GMT
server
cloudflare
etag
W/"0x8DADDAC67FF25A8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a4d916a2-701e-0057-5d90-0c4315000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408b3988e020d-ZRH
80fc0aab-e7e6-4d72-b960-441a4375ea21.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 8A85 		193 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/80fc0aab-e7e6-4d72-b960-441a4375ea21.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096b029c8f65acc4691e0f6c4c6d1d3a049e3dab8754d2c2444a1e9612c8ff6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3+uFcu57O0ahuU2l4f2hSA==
age
3583
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 08:29:47 GMT
server
cloudflare
etag
W/"0x8DADDAD5C1FCC00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f9ad98e9-d01e-0003-2b63-0d0c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408b3988f020d-ZRH
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 8A85 		151 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Requested by
Host: be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
URL: https://be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
2258
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7dc9cd2-701e-0025-1590-0c445a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
828408b39891020d-ZRH
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame 1268 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.64.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
139
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b9e65c1-b01e-0066-41e7-115d22000000
x-ms-version
2014-02-14
cf-ray
828408b3ad9f01eb-ZRH
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame D980 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.64.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
139
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b9e65c1-b01e-0066-41e7-115d22000000
x-ms-version
2014-02-14
cf-ray
828408b3bdb901eb-ZRH
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame E871 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.64.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
139
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b9e65c1-b01e-0066-41e7-115d22000000
x-ms-version
2014-02-14
cf-ray
828408b3cdea01eb-ZRH
gen_204
pagead2.googlesyndication.com/pagead/ Frame 604E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=error&format=noextension&lid=143&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=640885188261767&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 604E 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:09 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 604E 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CyWo6YkpZZZOJNoWL9fgPms2iiAq93_zyc5HnpbyHEvfSor3AARABIIDP1Hxg9Y2_gagEoAHEw572A8gBAakCY4pXHjzxsj7gAgCoAwGYBACqBPIDT9D7QsVP28IZwi7ZsKZqstEFjuXgfP9JI5eGVmZ80AkYu4Kv-7C9WsxNHoU-NFY6XIOvd8WM3oaCgOlJWpsnWjaFSNynnybXtLftF5RM-lFc0pZBYYddWGVUY2y9orlwAVbxUBm0D-e1_a6_0fFTvoLR9kzvyswNLSjFXqGWccgXk09U9Ocs0RFJ78tjcPo7u0Ln53SDuS6M6mRULD4hadMhY70Sh2Xeg4yA2bOIQF8QCF3PHKxsw8OsdUUOBiuxSX7fIh4y0Byiiz4b1PtTGKnBY7AD7cTNJr2uLjJ7Ys94U8db6dxUOWGFjVmHNht40_xaVfE8rqW1u2s54H1P25I_0UUEQ5VcA3AhRGQzfvpC0FHF6XhanAhXoP2aBFBT8Tg3tdqV0Mcl1nTF7kCNoe19t-DmOlTo1y6aDxdYWn3qjoSHjAQh2AnC3HOJ1TH9_nCU_-O3Mre7Xf2E4TWFQN11CZd0N4tomdwWQjujipU2P-2XUqNiZLVW54fMGzRibVEdv-wRw94NMTKZ1YDmP23YtKBtaFMWbfLgMB9Fp5jKvZF1NconUle5aM6EOxwqbjs23T8JHyzGqRAoRue1-pSYTosq8J4j2HkIe-VERdxY5aK0IT1HK13GEXbEruVsjVKb8NyAbPNdCAX4rUfNP0mRwAT64MDdtwTgBAGIBYvQ54tLoAZUgAekvOEJqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkNI4g0TCL_BrLrbzoIDFYVFHQkdmqYIodgTDNAVAeIWAggB-BYBgBcB&sigh=JYWxuaotPJI&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=videoplayfailed400
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:09 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 604E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=complete&format=noextension&lid=143&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=640885188261767&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame EA2E 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
47303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/control/ Frame 484A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/control/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 19 Nov 2023 00:35:14 GMT
480_650.mp4
cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/ 		108 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.123 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-123.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 18 Nov 2023 23:36:09 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700350569624&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1573&pt=-1864090054&tz=60&viewable=true&ddast=V8x8gCLAaoW--nLJhYThFQt95PWTCxnCoAAABgYID-AAnNjBuXZzNyyyyeiVu0HA3WEuNstRbNPBOPbbHwDUYLIyChmXHj8mxGbpnFM3GLlqPBWmKcrdaimWfisS0WvsFoYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv80tdb8XS9pUe_3ecWuh5uuestfb0lDqdb6rT73NKjy-5zq11Ot9hpdytfd7fU6XJrjq634vWwu-VOh90tcbo1D6dbenTY3VqH0y1xOuxumcOtdjndEofTLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwDMHA3ZdX5a7PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxBKIBTKkriEieSIFeEUYAAAAAPkh_rI5M0gkqFlX-___7rQBcAQAIWCRXLqTNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIZ6euDRBBHrhan4BAQDW_AICALBRNwAAbwTgBB2CVgwGqxMQswMAAABw5____18PSJgWE5Nz5VpYZhOPyTVbbmwT42xicVh2w9XItdgehQLIc-V8WNE-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDJbLFYz33AtGI0mbtFqMVwLV6bhWjZbTmYO58qx8azWotfH9HFNNjaTzYsEAwb3InlapBPNYrRY7Ca24Wo2WDk2rs1kslq4No6NbTZxGTYTi1iiOVmkE9ll3zAtJibnyrWwzCYek2u23NgmxtnE4rDshquRa7GvzBaL1cw3XAtGo4lbtFoM18KVabiWzZaTmcO5cmw8q7Xo9TF9XJONzWTzN3aDwWY1WK2W-8ZuMNisBqvVct-hM3xXn7NRWVZJPipty3g83GpOg8JlsHhf6tN5WDAWvL_P0akSOpWdndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pa-34ul6S49-u88tdD3cctdb-npLHE631Gn3uaVHl93nVrucbrHT7la-7m6p0-XWHF1vxethd8udDrtb4nRrHk639Oiwu7UOp1vidNjdModb7XK6JQ6nXWh6my1iieB0kU5EL-Ppov4jhlnMFbPRXLaZC2erBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWqeDmcwmg91quQAugrJ0AYMAAAAAAAAUa-yxBniY3Q7Tyy3xeTZ-KwOQYM5jttlnBLFWq2UNAABAABsAAEAAN914E2BWxf3___-PAwAAICOHHgAAAP0-ICyMeuFHrhR-BbFZrGb7B6BCrNVqdbuxVqsVsCAWi8lwAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!dfrc_vB!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:09 GMT
content-encoding
gzip
server
nginx
machineid
1477
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
c.bannerflow.net/tr/v2/pixel/ Frame 38AD 		0
81 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667ce?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstYVF9GLSqPOdBmqbVsz-9boPy2rmJ5O_dqqVBTcxRxQ-ieKP-6wrgN8qcp3KUPq7o4RC9_wW_3Yi_S4SjzAiW7VmJJMXAFMz63fw8rwWRMQCAaM1r9b0mwtLPR3WkkLa5C_S30u3IgW0ue7P-WmB8etTskvP74FsDKMkFAitkeU-uzJn0iBhthPEp2LRgQPMKMmPBjTd9kDW-6qG3p1jYE-UUUbMBaU03sYD0veyLczneptZRBXjHu52cldsObD-loNSaxiM3KDENdFoG15tIMjBbLXCnPsOwnd3rsvWIDSvSFgnIAECkmz5StTLk2Sa5iX8AXZJkIBT-ofBZQKBwxuR8xcEZdjxQnYaSFNw2aaaDe1gNJFMDm46s9CaYV5tRqU7sFQYaV6feI501SC5m_GcATs6xIEBiwVAcRWi0aahjIae_ehD3hb-5M0gPW_vdeb_GXSelNZ9JPzmG6wkuSfu5beuDuBUijqGWPzZ4qgVFGCPEg1yhcnNYV2sLImcAEnK3N_xRKIa7D2fqiKuHJZ9qrGbbowWYnRBJGtrGeZCH_0x86ZXixc-wit1NR2BOZFh4ErgWVBrwuOgLNjoPyr8aw18u4C0yVCHVuFXzjvYcb_kcdVvH-_pWHigJ9C5GsN4hl2kRc3fqn-Ku9jYbnv17RWQl0lPGwi-g9BYWwFVBWDR76wLLU9ZoQ1Me6RbeI-e7G0f23j4TtMkKWMazarvuLW99wrzonAM5shHR7BiIKulnBN1ts7CGkK6yjGThCy0NsfMV00ZFM9d_V4pZmSCsjYDXDOGD1rMiWcluZClaLc7aeIBy9HBNVNu-FiJi9SJZwcjr8T7GdVet4QroE-x-e18qAxWLa3yff9vfHSY7mv5Ys1DK8l8VOGWrb3E3YPN9qCtT9rBfhEP8Heh5U3rMp8QoiyK42COSRxyfPaIFGFrKeh69BpCe22m03JLRGUmtTB59kvMoEy9OweKri0XLbQ-dK0aYIH7cjhjuBzUS5EGH-XeWHSfaemQdxK7k6ugrpl5D6q6rnlKLJBaL7VTTTbBionpEyHXEPwScFITsNBf0A5FHK2d4ajCAT8gtHQu6mzsQTpQHgsHl2ZYw8lvhbjqwGcFymD352p_hCTqeNtvhXAREmft59-nN88pu-6qkdsyI3ESRIyspXAcCvPhOmdBh6mDaMecPsHaYJRpg9cSAqQkYclyB-eDupXBEwWrr2nTaF8e0aUR6nEHiEzysRGOIqK8Onx62QPVk6WyTZtR7MFboSqq6oy4MtHd0XGsHOe6KcdSJcYp1qyBtGB9skS4IMDf0G8Dzc0Oi9gfJuQIx_9aoJvxpsaW7xCBBZfTc6A9bc1Q7N4hmsJbOcmr8FnkpMpQaipgqff_ugk8Qg-zz7SC6ay7XLM-zJkh8DZe4x3abXCTwUeHf8kBR-S4fz3XD6k916_-X0VYzO1oMgfB2Ye8RsQUVIptOjSpVjtOs4O98m1WVqWxC4Ak4SxyB9siDfvkTcZ268t7Wqd73xUCJxCesxNHhstct5JLw2LWqniMOaRHBgFofCHN29CeEuvNYJwPs7oA%26sai%3DAMfl-YQgPNI_fYz-7VXXGdn8-6TD2QPPWsuOTrcgxJbmEoqSM_yyb88OoWYDQ_Nxu2pu6p2B9Eq7oNb3Vz4vxeuoVMOJyQ6MCNTZR5ddva5pnfT8ThnPqhu8Hx0-OESHxmaYvNXr-fkvj8YnjjrVeOGW7GbCtTNxN934kJg__k0QrrBlWF37KKmb5mnw6n2jQYcqHmtNPekhygGcRX7nfVAj-MrbbIxHYBLluwUvJ_opQRrkJeKe_9cntm1mXlXJRH2qusfPBmHwkY4jtkMe92geKpykTW1TDvz2n0BySBTdw5Aj%26sig%3DCg0ArKJSzJcPuQzyld-oEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285107_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 23:36:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
828408b53b75020d-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
ads
pubads.g.doubleclick.net/gampad/live/ Frame EA2E 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3840772484850861&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FYvdzt-olxLYVE9kZyG9Oig%3A1700354160%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=F3342DBD-75A4-4D67-8773-D700D5C78555&nel=0&eid=44768716%2C44772139%2C44777649%2C44781409%2C44782090%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html&dt=1700350569951&cookie=ID%3Dfbd20618c629249a%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw&gpic=UID%3D00000ccbc17e2e23%3AT%3D1700350559%3ART%3D1700350559%3AS%3DALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg&scor=425275378347341&ged=ve4_td11_tt7_pd11_la11000_er741.400.742.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
fe8e952bbc815c54ae980c69f8b242287d476dee3da64b994eafcc1e3d1c727f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4859
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2F29 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:36:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csi
csi.gstatic.com/ Frame EA2E 		0
0
10357362818288825403
tpc.googlesyndication.com/daca_images/simgad/ Frame EA2E 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/10357362818288825403
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
d9a56feaeed5ec4e20a9e2e86bc2e53c59545a927d70dbd367adcb6a652c3069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:57:46 GMT
x-content-type-options
nosniff
age
41904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110030
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 12:02:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 17 Nov 2024 11:57:46 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame EA2E 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CL_RVakpZZYMv3ZD1-A_296T4AsnBtZFxiJn03-QR2ZKs58I8EAEggM_UfGD1jb-BqASgAazW4rkDyAECqQImacesD1CyPuACAKgDAZgEAKoE4ANP0FT4oXLVrQZ6I6-xOD0ay0nvmt6PzfmGyb43fLeWHBSZsw6e7mkn5H6VkIrWn_W3Fjfva1xbsuw8zw0NVgisZQHR8xGoGzsJFd89-dU73Wg2el2nLoP1PrdXYTXeZY_2R6DfqXf1WqwpKeKZ6TBzU_hjryzJZTSF5XmWJGKKxvt1HPdYFa-vc80hrBmZKl9D9TlFxcK4MaLnvrtioSBmJG3uSYMK1T9V1OEIeNtd3thf4igoatkG6LC5UFiSMT5TtOAfQ9B3dGcpSxdHdSV5cULJ2TM3PLulQfVfHziGaMhSWR94ShoTqf4GrqpJAhw98El08GUY13O0mmVe7PIckQcM_BQSaJY77wPq1BoMxZuejLPc-pSRLioEU9uz2-QXaocGCaxvAi-s2w-HBmGd_EkPJzJzwnM-QBubgE9_LPA_MLxenQKFs12Il93Pep70LCdoOpLG5QsWQtFv4Je5Lm7jmA0NFxJ9H_xQYH_zJmz29Bvl6WgxYtzdZ2RbCXWk3G8hdG-lJ5CSDXCbUjupVVYktDRxpqpqEgoAx_v9Z9-jZgC9FEigYU3Mmg2LI25B6zaVESmNEGNlf1q3QVGOJV4EbD5fRJczwVqlHWlId5TRJl6fPMMYDTXP4opMtfDABI2-naCnBOAEAYgFuYudo0ugBgKAB7ypnUaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkNI4g0TCP2a373bzoIDFV1IHQkd9jsJL9gTCtAVAfgWAYAXAQ&sigh=KTGpNX_W6e8&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=videoplayfailed501
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zu-qiu-zhong-hua-nu-zu-bai-jing-zheng-mei-lin-yun-jie-shu-quan-nian-bi-sai-zhan-kai-bian-fa-mei-bai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:36:10 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
480_650.mp4
cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/dc8a1063d273779a17657e5445f32afc.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f316c1d713b30e6d3aca8ccc2ef8e164.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2ffe0ed51fd79314720eb84fab353c8b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ff43b41857dcfe34d37815fcd9a7f8f8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/702234c41c010004588192f9d548cba8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4b653fd25dc60dffec7cceb415d77872.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/828fbdec815f16b15e120e0c8ed1bc43.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b9e639c9ef34fa1714511130290104c9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/ea008fd02ea133e958bf9a2f647c5f85.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4a6edf5c6a7c53fa24469216fc8ae1a9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/369dd9b2a275f5c47b102f94afe5e5f4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/237d978c06c1da88a079c0b6b045f2b6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/0344692d844da5872c5ea6d711fd7fa7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/8cbbed58efd28dea3f035a90496d4bf6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202304/4053c2e55e3d26f8411f674d5546dd3f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/10d1cf0befe78f5c630a56a4cc3789af.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202206/0b1e2b4b8503f3dd266705dd14231790.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/fb3d5719b3f575a8ac0a00e9a923b1ab.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/c29411f03727f2eb139f98bc632f2a41.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/276f227142f99370e51d46383c7dccda.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/063cfc75cfce20d93fe3faec5ec5086a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/dbf6d25a1ded6199488e5c8c2a7dde3a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/99c3ea184d779be2d2c2e0105f07a057.jpg?w=150&h=100&q=100
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-F5yJpkhE2oXh2HK91UFE8O_x6R.XO2K66aU1yac-~A&redirect=
Domain
cds.taboola.com
URL
https://cds.taboola.com/?uid=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&mbl=ZmFsc2U=
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBPYMDxpHXXUHYW_qBMQ68A&google_cver=1
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP4OTLUF-G-2PUA
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
adx3.adform.net
URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEGj76hidJdxnW2l8X15Nd9I&google_cver=1&google_push=AXcoOmREI80B96xKGvAmH9gXhe4i7t1T8HLGBwRk1XR2SuGpfCVyl8YO2Ejv4frfv5GcZ-lJqX6DhWvgA_I2Z6pmoLfoDLzq3BixcA
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEGj76hidJdxnW2l8X15Nd9I&google_cver=1&google_push=AXcoOmQRadnBGXgDdUEJpZSCd5XAzX0Cc2YqzSB_MjJZuiReu6hpbGFl5V-c8-y7ecm3epYtwooE7nsK3a4Vqo3Le2jKsDJxPNaopA
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEA6U77NI2qvvbf-imkkpbB4&google_cver=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=L37kLeNK1R4uR55
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4130517591434833021
Domain
s.company-target.com
URL
https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp4otsh8&c=3201706815534&slotId=1600853407767&eee=missing-element&bi=missing-id&vast_v=4.0&nlc=1&nlrh=0&nlri=0&nlrs=1&nlru=0&nlrhc=false&wta=1&lima_p_ich=0&lima_p_icu=0
Domain
cdn.vidverto.io
URL
https://cdn.vidverto.io/secured2/Yvdzt-olxLYVE9kZyG9Oig:1700354160/1327/video/1813/480_650.mp4

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _statcounter object| adRecover function| setImmediate function| clearImmediate function| _typeof object| TRC object| _tblConsole undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS undefined| google_measure_js_timing number| google_unique_id function| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags string| nam object| placementData object| aries object| google_reactive_ads_global_state function| jqAlias object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ucf object| request object| cmTag number| vidverto object| regeneratorRuntime object| aries_registry string| paramsString object| _cm_wfCounters string| lastWfUrl function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _aries function| quantserve function| __qc object| ezt object| _qoptions function| Zepto object| Backbone function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer boolean| descriptionPage object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| inViewWindow object| vidvertoPromiseCache object| closure_lm_365314 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| VidvertoPlayerVideoPlaylistUI object| google_ad_modifications object| google_prev_clients object| closure_lm_889245 object| closure_lm_718288 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

210 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARDDFg
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1700350559.54F84D3B83BB4F9641590955F7EE80B9.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1700350559.0
.statcounter.com/ Name: is_visitor_unique
Value: 1700350559111260520
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1700350559.1.0.1700350559.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1109969163.1700350560
www.bg3.co/ Name: __AP_SESSION__
Value: 4d17eac4-93ef-4839-ac3e-24628b3607d0
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf
.bg3.co/ Name: __gads
Value: ID=fbd20618c629249a:T=1700350559:RT=1700350559:S=ALNI_MbIy6a4u5TXiP-Ht96yOlFDvsGpNw
.bg3.co/ Name: __gpi
Value: UID=00000ccbc17e2e23:T=1700350559:RT=1700350559:S=ALNI_MYd2hkVPzKzsuTX-I9e_lge6DS9zg
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 61b823e4-97d8-47ce-bd0c-ff9539554794
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: 846f10bf61a5b70cf597361d640a89e1
ad.vidverto.io/ Name: moxuuid
Value: 6be710a2-42ae-4c4e-adf4-c4aad8cc457c
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1700436960
ad.vidverto.io/ Name: _mwayss_imp[24632][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[24632][frequencyPeriodEnd]
Value: 1700436960
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][frequencyPeriodEnd]
Value: 1700436960
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1700436960
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1700436960
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1700436960
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1700436960
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw4JTlqgY4AUABSAEQ4JTlqgYYAA..
.doubleclick.net/ Name: IDE
Value: AHWqTUml3xpEAK1owE7sTwmakSU16Q-Sa8LrHInmzOixX1kgzQJNJvbW9xQ4FUCJ_dQ
.prebid.a-mo.net/ Name: __amc
Value: 2_1700350560_1700350560
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.bidswitch.net/ Name: tuuid
Value: 8dfccedd-668a-44ee-b95e-d349fc17fa76
.bidswitch.net/ Name: c
Value: 1700350560
.adnxs.com/ Name: uuid2
Value: 7912481373650271753
a4p.adpartner.pro/ Name: apuid
Value: a968947a-67a5-4369-bef6-eabf514204de
.teads.tv/ Name: tt_viewer
Value: 691485b7-2e72-4423-ab9b-a72623ac563d
ad.vidverto.io/ Name: adpartner
Value: a968947a-67a5-4369-bef6-eabf514204de
.bidswitch.net/ Name: tuuid_lu
Value: 1700350561
.yahoo.com/ Name: A3
Value: d=AQABBGFKWWUCEL62ZeZgBugpiX5Vf0VihD4FEgEBAQGbWmVjZbtV0CMA_eMAAA&S=AQAAApyny-n1Ky2CoYbYYNTqkjs
.aralego.com/ Name: sspid
Value: 5e7a7e5e-e66c-3875-b259-daff7646a659
.rubiconproject.com/ Name: khaos
Value: LP4OTLUF-G-2PUA
.smartadserver.com/ Name: pid
Value: 2137512993614211217
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C5463CF2-8511-4A81-B5E9-27264C2643DF
ad.mox.tv/ Name: onetag
Value: IdKI1MGH-K1mOBjF10gBowUHLZqN7WlDV_lRdQNSBj0
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 97aef2af-edf6-5243-bbf9-225edea0683f
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZVlKYQALaeCP4AGVodZSRRRxPg2XXmX4SzAY_Q==
.ads.stickyadstv.com/ Name: UID
Value: 36757693e4f6ab17619b6c5d78f8113
.quantserve.com/ Name: mc
Value: 65594a61-d5a02-ceaf2-5893b
.bg3.co/ Name: __qca
Value: P0-1648394813-1700350561033
.admixer.net/ Name: am-uid
Value: a8b0562bafd94d40a5bd24c9848ee686
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1700350562.1.0.1700350562.0.0.0
ad.vidver.to/ Name: bidswitch_com
Value: 8dfccedd-668a-44ee-b95e-d349fc17fa76
.aralego.com/ Name: euconsent-v2
Value:
.yandex.ru/ Name: yuidss
Value: 6150511031700350562
.yandex.ru/ Name: yandexuid
Value: 6150511031700350562
.casalemedia.com/ Name: CMPS
Value: 5190
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003%22%7D
.casalemedia.com/ Name: CMID
Value: ZVlKYixMYebMuplBAlkvygAA
.casalemedia.com/ Name: CMPRO
Value: 5190
.c.appier.net/ Name: _auid
Value: 3OAmCyPCBAmY9mTxYkpZZQ
.c.appier.net/ Name: _gu
Value: CAESEFiwSgqEVaPQuJEYd6Fuh1g
.adfarm1.adition.com/ Name: UserID1
Value: 7302950059823921299
.acuityplatform.com/ Name: auid
Value: 853984141486
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: E8792D6D8EDA461797697F729A7C99E1
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXkZKR2mmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV5GSkdpo90aGlyZFBhcnR5VXNlcklkWkNBRVNFQzRad0lYVEZqaE1hYnlSVS1HVXN2OPv7hnZlcnNpb27C+w=="
.adform.net/ Name: uid
Value: 1407869859430572812
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.w55c.net/ Name: wfivefivec
Value: L37kLeNK1R4uR55
.connatix.com/ Name: cnx_userId
Value: 3a9fd8b6e29c427886f0161a63468915
.socdm.com/ Name: SOC
Value: ZVlKY8Co8X4AAPsS.PgAAAAA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.w55c.net/ Name: matchcasale
Value: 5
.turn.com/ Name: uid
Value: 4130517591434833021
.openx.net/ Name: i
Value: 50c20423-4a9b-4736-ac5a-481f5ebe8516|1700350563
.amazon-adsystem.com/ Name: ad-id
Value: AzUcxgBV8k00i25NaoYs-to
.linkedin.com/ Name: bcookie
Value: "v=2&caf01743-d208-442e-877b-7fee715cfc2a"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDAzNTA1NjM7MjswMjHdKqxHkIarS+J+ZF+gYF7OYfp/CduW2UfZAgwxTbd3YA==
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3065:u=1:x=1:i=1700350563:t=1700436963:v=2:sig=AQGwOBNFLihIhlbvxS1A7rA-8dIv49Eo"
.tapad.com/ Name: TapAd_TS
Value: 1700350563703
.tapad.com/ Name: TapAd_DID
Value: e5af245d-868d-489f-b68d-5fc71cb60a43
.liadm.com/ Name: lidid
Value: 28f86352-f570-4106-80bb-d6c54dd0de68
.bidr.io/ Name: bito
Value: AAILm07KspUAABPKNXVjKQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.bidswitch.net/ Name: google_push
Value: AXcoOmQZ3EBOe2-3BfPPTX1WYaqN0UaZR1P1Vh_9bixe6J5abtr46XjB7D1hTuQixiHXzSJQJOeMnsDrR872eHZlKX7azyHEqShFoCPou40Cj9cjYBrQ6qps4PUdDVxO5rUdYOT-nM9TswL9oIyGg2aNvH9p
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQNE9UTFVGLUctMlBVQSIsImV4cGlyZXMiOiIyMDI0LTAyLTE2VDIzOjM2OjA0WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTE4VDIzOjM2OjA0WiJ9
.3lift.com/ Name: tluid
Value: 4078021614972441085668
.primis.tech/ Name: csuuid
Value: 65594a6450803
.openx.net/ Name: pd
Value: v2|1700350564|gen0vNvQiygu
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-18T23%3A36%3A04%22%7D
.360yield.com/ Name: tuuid
Value: 7a742af5-f233-435f-a828-83b228e83adf
.360yield.com/ Name: tuuid_lu
Value: 1700350564
.servenobid.com/ Name: pid_318
Value: ogWCJu3gGukqT3frb1AaryFhAb1Bws7sXUVL4MBhciY
.servenobid.com/ Name: pid_312
Value: 7912481373650271753
.servenobid.com/ Name: pid_337
Value: y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
.servenobid.com/ Name: pid_339
Value: y-IqBvI_dE2uE3u6B6pNirZlVBvaNvrihscAamUro-~A
.servenobid.com/ Name: pid_317
Value: 2137512993614211217
.lijit.com/ Name: ljt_reader
Value: HreopRZH2MxDdztuQ36MVDKJ
.gumgum.com/ Name: vst
Value: e_a9978468-4136-4c7a-8a8c-b821809d5a96
.adotmob.com/ Name: uid
Value: 09d12204009edc3a9589dae6
.adotmob.com/ Name: uuid
Value: 09d12204009edc3a9589dae6
.adotmob.com/ Name: partners
Value: SMA%3A1700350564823
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4cbd493d-c2a9-583c-7888-a81184c66e9b.uJaG8XuRK3Ao9tQ%2Bce%2FJNzcWHMWi8PHyfF4dT1Yr%2F58
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4cbd493d-c2a9-583c-7888-a81184c66e9b.uJaG8XuRK3Ao9tQ%2Bce%2FJNzcWHMWi8PHyfF4dT1Yr%2F58
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATL1JPcKpWDx4iKgRhMZumx-kP1Y.clO2GtsVpp7FXVHh8kOLBScnPPr31FjUMevibruA%2BA8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATL1JPcKpWDx4iKgRhMZumx-kP1Y.clO2GtsVpp7FXVHh8kOLBScnPPr31FjUMevibruA%2BA8
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsjAyNLE0tjSwtBDiM9Qt804KzvRJTE2NCioFAMLidmUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsjAyNLE0tjSwtBDiM9Qt804KzvRJTE2NCioFAMLidmUlAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_309
Value: e_a9978468-4136-4c7a-8a8c-b821809d5a96
.servenobid.com/ Name: pid_321
Value: RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003
.servenobid.com/ Name: pid_324
Value: 5141210828214939098
.servenobid.com/ Name: pid_310
Value: HreopRZH2MxDdztuQ36MVDKJ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMvi2nDqEweQAp7yLvCa4NpbeARar9ADZd9_m1xFxqpvEAEYAyDklOWqBjABOgTwi70wQgTctg-a.bplLfOqnicp71LtHky7%2BsN3UK2YkJuHQpT6GlEOnnPo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMvi2nDqEweQAp7yLvCa4NpbeARar9ADZd9_m1xFxqpvEAEYAyDklOWqBjABOgTwi70wQgTctg-a.bplLfOqnicp71LtHky7%2BsN3UK2YkJuHQpT6GlEOnnPo
.zemanta.com/ Name: zuid
Value: kGaQ4qF6KBrZ2e8WsNCv
.go.sonobi.com/ Name: __uis
Value: e3ee8dd5-862a-4724-9f50-268fcdbab9f3
.go.sonobi.com/ Name: HAPLB8G
Value: s85165|ZVlKa
.yellowblue.io/ Name: wrvUserID
Value: uuhLDvzzCj_s
.creativecdn.com/ Name: u
Value: xRpjV0dyDaPAD7xC09pC
.creativecdn.com/ Name: g
Value: xRpjV0dyDaPAD7xC09pC_1700350565098
.creativecdn.com/ Name: ts
Value: 1700350565
.contextweb.com/ Name: V
Value: tgyFQHDwdN34
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4bd2ea1428ec139d
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-aa4f771b-045b-3186-8546-192d8f7763c6
.smaato.net/ Name: SCM
Value: b185c02e30
.smaato.net/ Name: SCMsas
Value: b185c02e30
.nrich.ai/ Name: _nauid
Value: 893596e3-ebcc-4ae5-b5ce-59208add6eed
.sportradarserving.com/ Name: zuuid
Value: e0b8254e-28a9-4723-81aa-4f41505f2a4c
.sportradarserving.com/ Name: c
Value: 1700350565
.sportradarserving.com/ Name: zuuid_lu
Value: 1700350565
.minutemedia-prebid.com/ Name: wrvUserID
Value: 1IhRYv-zCp_mm
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1700350565
.servenobid.com/ Name: pid_332
Value: e3ee8dd5-862a-4724-9f50-268fcdbab9f3
.onetag-sys.com/ Name: OTP
Value: nxB4fki_PxF1at6ZSwO0UYheoR6_EBbwrxYRSRikwQg
.quantserve.com/ Name: d
Value: EOIBFAG6KoEO-TCJiTA
.servenobid.com/ Name: pid_348
Value: 1IhRYv-zCp_mm
.servenobid.com/ Name: pid_352
Value: uuhLDvzzCj_s
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2f4n:18vk~2f4n:19e0~2f4n:198o~2f4n:18z8~2f4n"
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBgbGpgamZqbGx4ShzBN7EwswQAEC8ZwiAAAAA
.servenobid.com/ Name: pid_316
Value: C5463CF2-8511-4A81-B5E9-27264C2643DF
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-2CKnV9p2pF_Dc6cP3iW_DYt29FzDIqpX3XVpOJEO&KRTB&19420-2CKnV9p2pF_Dc6cP3iW_DYt29FzDIqpX3XVpOJEO&KRTB&22979-2CKnV9p2pF_Dc6cP3iW_DYt29FzDIqpX3XVpOJEO&KRTB&23462-2CKnV9p2pF_Dc6cP3iW_DYt29FzDIqpX3XVpOJEO
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5141210828214939098
.ctnsnet.com/ Name: cid_2d2d2a17bd6e4c60a383f13d1705a642
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: kAysK@UTFOWQ11
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4130517591434833021&KRTB&23150-4130517591434833021&KRTB&23527-4130517591434833021
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-TL1JPcKpWDx4iKgRhMZumx-kP1Y&KRTB&23334-TL1JPcKpWDx4iKgRhMZumx-kP1Y&KRTB&23417-TL1JPcKpWDx4iKgRhMZumx-kP1Y&KRTB&23426-TL1JPcKpWDx4iKgRhMZumx-kP1Y
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7302950059823921299&KRTB&23369-7302950059823921299
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7912481373650271753&KRTB&23339-7912481373650271753
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1407869859430572812&KRTB&23263-1407869859430572812&KRTB&23481-1407869859430572812
.adsby.bidtheatre.com/ Name: __kuid
Value: 6c2a13ba-ccce-4db1-b58c-cb05cf0958b3.469564565
.adx.opera.com/ Name: UID
Value: OPUffea1325252341f4a2847df96a8bccc0
.de17a.com/ Name: guid
Value: 1.6785042868299480284
.sitescout.com/ Name: ssi
Value: 0f9adfcf-e87e-460f-b9ad-5f7cafba38d8#1700350565862
.csync.loopme.me/ Name: viewer_token
Value: f1684068-c0b6-4147-8817-9088702d7779
.audrte.com/ Name: arcki2
Value: l5co9av4GLDQaSFywg-6uiCKg!20220908!1700350565930!ip#31.164.63.86
.audrte.com/ Name: arcki2_pubmatic
Value: C5463CF2-8511-4A81-B5E9-27264C2643DF!20220908!1700350565930
.ipredictive.com/ Name: cu
Value: f002763b-bff0-42e6-a652-375ee26c26fb|1700350565868
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUffea1325252341f4a2847df96a8bccc0&KRTB&23485-OPUffea1325252341f4a2847df96a8bccc0&KRTB&23524-OPUffea1325252341f4a2847df96a8bccc0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVlKZQAAqr172ABU
.rubiconproject.com/ Name: audit
Value: 1|cGSYZs3gZJWWajhVl1SHIQfyVNOJ77gZiiFEhMcG4kGker+RYbW0+7jgVdexfWgHU/E2kZdqgkpw0S94mtzOH9XPepBh+Dkv1DvhV5n1i6XI4WPUqZbr5k/xHtuzacEoMSIfB6LUM7//vO6qNyYK/hw64S+tVw8S1ZOcBYL9WZOIsgbQ+Cz9wN/LAaxiSsiA
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDM1MDU2NTk5Mn0
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: b42411558eb6cc58e7e7aeca5e1efa25
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6785042868299480284
.servenobid.com/ Name: pid_323
Value: LP4OTLUF-G-2PUA
.dotomi.com/ Name: DotomiTest
Value: 7322cb7e804d1680
.mfadsrvr.com/ Name: tuuid
Value: cb3b0366-05e3-4995-8e60-308c57af4b83
.mfadsrvr.com/ Name: c
Value: 1700350566
.mfadsrvr.com/ Name: tuuid_lu
Value: 1700350566
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-0f9adfcf-e87e-460f-b9ad-5f7cafba38d8-65594a65-4348&KRTB&23418-0f9adfcf-e87e-460f-b9ad-5f7cafba38d8-65594a65-4348
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1700350566
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-8dfccedd-668a-44ee-b95e-d349fc17fa76
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHqouGtI4QdgNDdFnMAAAAAAA&KRTB&22713-AAAHqouGtI4QdgNDdFnMAAAAAAA&KRTB&22715-AAAHqouGtI4QdgNDdFnMAAAAAAA&KRTB&23519-AAAHqouGtI4QdgNDdFnMAAAAAAA
.tribalfusion.com/ Name: ANON_ID
Value: aHntmIolXViQuWx7IZbwQy7A5uOy8JPyauP8Nh0y5OBg2pp7RW4nahDRg7jpRcI6ZaFCZcLf9eSr6M8dwPPrdsTZcmna
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKJexMONvz0N-CuyApZASTg&KRTB&23025-CAESEKJexMONvz0N-CuyApZASTg&KRTB&23386-CAESEKJexMONvz0N-CuyApZASTg
.adnxs.com/ Name: anj
Value: dTM7k!M40]Erk#WF']wIg2E>2ok/>G!]tbW8i_iqf!oN/@E'zz<*Z0QmqM94S6F+Khv<P].)3TcJT#f/QIqe-?pG1%TD._*Pl[h>oaUgZoTtsC3d$aH%%JcBk26rDJZO)'?/^B2d$SN0CUZkA
.audrte.com/ Name: arcki2_ddp2
Value: l5co9av4GLDQaSFywg-6uiCKg!20220908!1700350566730
.smartadserver.com/ Name: csync
Value: 66:09d12204009edc3a9589dae6|127:AAILm07KspUAABPKNXVjKQ|133:b185c02e30
.audrte.com/ Name: arcki2_adform
Value: 1407869859430572812!20220908!1700350566895
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o2i|7dN.0.AAILm07KspUAABPKNXVjKQ|7bq.0.1
.servenobid.com/ Name: pid_346
Value: ua-aa4f771b-045b-3186-8546-192d8f7763c6
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAILm07KspUAABPKNXVjKQ
.pubmatic.com/ Name: SPugT
Value: 1700350565
.pubmatic.com/ Name: DPSync3
Value: 1701475200%3A219_197_235_201_245_241_227_226
.pubmatic.com/ Name: SyncRTB3
Value: 1701129600%3A63%7C1705449600%3A69%7C1701475200%3A81_165_214_56_243_7_204_161_88_55_21_54_254_3_176_233_220_249_22_8_251_196_234_46_264_13_166_99_238_71%7C1701561600%3A35%7C1702857600%3A203%7C1700870400%3A15_223_2
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 11
.smilewanted.com/ Name: sw_user_params_infos
Value: tAJ%2FyQVqT4IFegNGi3VUECZZZACDAYwM%2FMS1ZiMvexEESzbH6tqBA5icCeJk9uIWbsVTSJzOAsd%2Ful4%2BMW9hq2lBiNGBmU7iTur9NsOCjEN70wuNOXIVldquZqoXPkNDZoXW8L7BFX9D0%2BcmNh3y4yDUtEtD9x23JJo%2FcyY7o4DF4N508LGqjF9Wsp8EVBsiJxPi52hYicATOk4pERfOu9pj%2FP1ufhQRonPj4jPJxMWXbntxLHh160HDgMkt0VWbnRKoxO48rIvNSLPdF0jGMOVS6fNQVBLYg%2Fe%2BpctWP55OHAf%2B47dlAMsnhD1KLzPKZG7H3SmZDtNq25QtJvN3tOQRWYCvQVKT7jUWdWV9lYfVKfE8J6EudeotI96L9wDoFhgyqP9hXmADvBDdexh7VQ%3D%3D
.pubmatic.com/ Name: pi
Value: 0:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700372168170
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-22ae08b3-f0d1-4620-87b4-43f858a36259-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/ Name: done_redirects104
Value: 1
.semasio.net/ Name: SEUNCY
Value: B5EE877A48D339AE
.onaudience.com/ Name: cookie
Value: 02efd0e7be4ad52e
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zc
Value: dbfecbb6-0d04-4e79-63c8-194714f2767d
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JaXnMQanThnWgQVXn
.pubmatic.com/ Name: PugT
Value: 1700350568

38 Console Messages

Source Level URL
Text
network error URL: https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://static.bg3.co/imgs/202105/2ffe0ed51fd79314720eb84fab353c8b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/702234c41c010004588192f9d548cba8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ff43b41857dcfe34d37815fcd9a7f8f8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f316c1d713b30e6d3aca8ccc2ef8e164.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b9e639c9ef34fa1714511130290104c9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/dc8a1063d273779a17657e5445f32afc.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4b653fd25dc60dffec7cceb415d77872.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/828fbdec815f16b15e120e0c8ed1bc43.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/ea008fd02ea133e958bf9a2f647c5f85.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/369dd9b2a275f5c47b102f94afe5e5f4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4a6edf5c6a7c53fa24469216fc8ae1a9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/237d978c06c1da88a079c0b6b045f2b6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/8cbbed58efd28dea3f035a90496d4bf6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202304/4053c2e55e3d26f8411f674d5546dd3f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/10d1cf0befe78f5c630a56a4cc3789af.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/fb3d5719b3f575a8ac0a00e9a923b1ab.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202206/0b1e2b4b8503f3dd266705dd14231790.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/276f227142f99370e51d46383c7dccda.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/c29411f03727f2eb139f98bc632f2a41.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/0344692d844da5872c5ea6d711fd7fa7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/dbf6d25a1ded6199488e5c8c2a7dde3a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/99c3ea184d779be2d2c2e0105f07a057.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/063cfc75cfce20d93fe3faec5ec5086a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvenUtcWl1LXpob25nLWh1YS1udS16dS1iYWktamluZy16aGVuZy1tZWktbGluLXl1bi1qaWUtc2h1LXF1YW4tbmlhbi1iaS1zYWktemhhbi1rYWktYmlhbi1mYS1tZWktYmFpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cds.taboola.com/?uid=26115f78-044b-4518-8e48-6692fa9e1c35-tuctc52cfdf&mbl=ZmFsc2U=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEGj76hidJdxnW2l8X15Nd9I&google_cver=1&google_push=AXcoOmQRadnBGXgDdUEJpZSCd5XAzX0Cc2YqzSB_MjJZuiReu6hpbGFl5V-c8-y7ecm3epYtwooE7nsK3a4Vqo3Le2jKsDJxPNaopA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-F5yJpkhE2oXh2HK91UFE8O_x6R.XO2K66aU1yac-~A&redirect=
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEGj76hidJdxnW2l8X15Nd9I&google_cver=1&google_push=AXcoOmREI80B96xKGvAmH9gXhe4i7t1T8HLGBwRk1XR2SuGpfCVyl8YO2Ejv4frfv5GcZ-lJqX6DhWvgA_I2Z6pmoLfoDLzq3BixcA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP4OTLUF-G-2PUA
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://r2---sn-1gi7znek.gvt1.com/videoplayback/id/56078d6b6a231739/itag/18/source/web_video_ads/ip/0.0.0.0/ipbits/0/expire/1700372163/sparams/expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B028ED6E7347612634E460DBF18CE4CB9D37E04.07D8EEAC7D3AD9DEF699EEB09ED792547F17FC59/key/cms1/cms_redirect/yes/mh/9f/mip/31.164.63.86/mm/28/mn/sn-1gi7znek/ms/nvh/mt/1700350342/mv/m/mvi/2/pl/15/file/file.flv
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f1dad02383a875d2ce1ca56d7dc5967.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a1123.casalemedia.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mox.tv
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
be85e208889468a2f1201d5ff114bf16.safeframe.googlesyndication.com
beap-bc.yahoo.com
bh.contextweb.com
bidder.criteo.com
c.bannerflow.net
c.statcounter.com
c1.adform.net
capi.connatix.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.js7k.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r2---sn-1gi7znek.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shared.bannerflow.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stas.outbrain.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
widgets.outbrain.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
ad.mrtnsvr.com
adx3.adform.net
cdn.vidverto.io
cds.taboola.com
cm-supply-web.gammaplatform.com
csi.gstatic.com
dsum-sec.casalemedia.com
s.company-target.com
ssum-sec.casalemedia.com
static.bg3.co
sync-dmp.aura-dsp.com
sync.aralego.com
token.rubiconproject.com
103.231.174.251
104.16.64.126
104.16.89.20
104.17.202.110
104.18.25.173
104.18.36.155
104.18.38.76
104.20.219.77
104.26.5.103
107.23.15.226
124.146.153.163
13.107.42.14
13.248.245.213
13.32.27.67
13.32.27.99
13.32.99.104
134.122.57.34
137.74.6.209
141.226.228.48
141.94.170.77
141.94.171.214
141.95.171.140
142.250.181.226
142.250.181.234
142.250.184.193
142.250.184.194
142.250.185.129
142.250.185.228
142.250.185.234
142.250.185.238
142.250.186.104
142.250.186.162
142.250.186.35
142.250.186.65
142.250.186.98
142.251.10.94
147.75.84.158
151.101.130.137
151.101.2.49
151.101.65.44
152.199.21.70
154.57.158.26
154.59.122.79
167.235.184.171
169.197.150.8
172.105.199.172
172.217.16.130
172.217.18.6
172.217.23.98
172.64.146.152
172.67.10.198
172.67.13.182
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.196.207.18
18.66.97.52
184.30.16.183
184.30.16.195
184.30.17.67
184.30.20.22
184.30.21.51
184.30.22.30
185.106.33.48
185.165.240.123
185.170.60.54
185.184.8.90
185.29.132.245
185.64.191.210
185.86.138.155
185.86.139.94
185.89.210.212
188.42.191.196
190.2.153.150
192.96.203.13
193.0.160.131
193.122.128.135
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
208.93.169.131
212.8.250.83
213.155.156.168
213.180.204.90
213.227.153.220
216.239.32.36
216.52.2.30
216.52.2.91
217.182.178.224
23.32.238.162
23.56.202.187
23.88.86.2
23.97.225.52
3.122.5.52
3.122.74.3
3.126.136.176
3.126.228.123
3.233.155.35
3.33.220.150
3.71.149.231
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.224.175.55
34.246.239.231
34.247.205.196
34.91.62.186
34.98.64.218
35.158.88.128
35.186.193.173
35.214.173.129
35.227.252.103
35.244.174.68
37.157.2.229
37.157.6.254
45.137.176.88
46.228.164.11
46.228.174.117
51.255.68.171
51.75.86.98
52.16.22.123
52.210.50.120
52.212.46.188
52.215.107.17
52.46.130.91
52.70.253.77
52.95.126.160
54.155.236.110
54.165.115.205
54.171.158.15
54.76.122.35
54.85.125.66
63.35.117.106
64.202.112.223
64.74.236.191
69.166.1.34
69.173.144.137
69.173.144.138
69.173.144.139
69.173.144.140
69.173.144.165
72.251.241.206
74.125.108.199
77.243.51.122
77.245.57.72
8.43.72.97
80.77.87.162
81.17.55.172
82.145.213.8
85.114.159.118
87.248.119.251
89.207.16.201
91.228.74.159
98.98.134.242
99.86.4.129
013c7973a04a33fa5edb47608463a1d82cb93b38645018c9a1bba70f6ded998e
018c7b89003d09da195ccf6c3080ddd4d2019511916105bf78209ff2fd30ea50
020dd7fe92b9461f5bb82193086cefa99a2f42862351e06226d39d7c0ea87f4f
02f9345fdc8ec3b27d2713172fa51714b4fe9505459f578ea0825589bbbd0835
032f4e902003e3e6c93a04234f5170d9e313ab41e113928e1f9207dbf13ea6d8
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
051017bee0e2fa0b44f50a2e5bafdd60d8b8708ce68fa1e86b260a3e8fe7b99f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0859258e39b56a7e8df0501c0e37c537ac2d1ad6bdb80127a5c20b5593c1fa1a
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
096b029c8f65acc4691e0f6c4c6d1d3a049e3dab8754d2c2444a1e9612c8ff6b
09d37d5154f46e118abb3adead8557c6094198e959b823fdd29aa224aa90ab87
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12d3fa23649efb93279fb6f716dee0c9f96e65042e8a7e579c25500471734e15
139c3d240c270e48d562866a72ff61558334c4eff0e2d320b27f5eee3c22e389
1454b04d8a7df02c7cbcbffa63e76121b0d2f181902c1a31caf3bd20c0f2751b
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16451b410da7e2e5795bc39384f40bb5da9c5049519689afeb4b936a4ec7f6b0
183ff5319166645bd2e6d4dce61bcd6fbcf3adc41ab2489ed6c856519b432d7c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1ba5f5b764014975b339496ebf2d21b8ffcc43c9d0273005ffa46af2c39d8271
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f10ade9bb505cf4f2e91e2587b39401af3ae56034ef20c3efc5fba76a9dca7d
1f26a6335eb65f06b02fab1310f0e5b5e1fe82c60501d92865a59511de67d4cd
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21169f14539add188cba93f0c979745f100a982228a38c4a8d16e159df6b083e
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
24ac01a5f255db84ca568c84405093b4d45c8de278026e0fc40d197491bcef89
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2631655e487a0c53f57cb6513490e54d44bd12a0a38862001d315de7a2a4332e
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2795bbc910c93e272c7b9efa35a0b48b0d8df173c153988f2907513f000c0da8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f014b0e416ce5f3660b7ae583b0ef14cedac4100d5b19a6feeca2103b6b1bfe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32e5cda46b0f64e35f7890871e95d4a3d8c2482c958f9e61b01ad8678e1d8d5c
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c56a0487e7b74c9847eb5436bc21292d8b00900e759caaaff7c3916499144c
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
4321a6a0ab6b80f46fdf9cd062e6cd63e8215ede6d7b06a3ec0ec3a2701e0f27
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c41505855cf99a43c8f8be8de705bd5800b802b7ecfda0f2d664fa8b1920ac
44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8
463c22dc8c2d4a1be87d3c8c018d947db83778f737fc751b09786e2bb15098f6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471ab36d909cc2ee64c15c2c707a2e9539369a95c51fc280d6edae4741704102
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4db4ddacb422af8d8f029f69797b2400e008d192bf8d3ff23d128195f4be9060
4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
538f6a1b5cb6e786e264ae7c4f8f775b3da2386886558e8a65e0711c5bf88c82
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6
56ce92887c108586bf63058a06f051e957f58936396e829d5fddeb59dbab0e59
57429da13779dd07bcdcc1e494b3aff0ab03e88a80923e621f0f3cfd89a04254
5778a9de20dae21fa64322883db543032780472ff39d40dd9091bc19b9312236
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838
5d26306d0240b4b8d05a271368cd0db01bf647a518ded0c8c7394eed97ce58fa
5d969b136a91492e3adc24c8e617d5bb0febc363b6596b03d24c9c309d3b66de
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a
5e153bc0101b4f932deb4c2ff3be35c3978b28c754a657088ef796cb888c1ea2
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f8ff286cc05de380ef5e52adca8bcc56296b8b9cca3a33415cd7b435e953246
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61967cbc83a52ae64e3008e40b027a821c4b59e945dd51a5fc2babb433d117cb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6260d70e5269eba9bafc5f6778f88d06ecb11c17b5e354aa4b0b7700a09b122b
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6305afc22fd2e45aa50d4e6721ed172b3ebaa71dbeccc47fd215b113ed0455d4
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
64492a7b1c73c113df9c13630afdf4efc55c4f281a4249dca7b7bccb961485c4
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
6957f45417898b78de3f5589aecb5d5c30dd17280c97964754394db3062a0733
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1e27df7bca6e6c472adfb351afbc16a7b5875fbf91d73ac74a2aba21436df8
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d220d31308f479706e776157adb1bd09563f379fc1ffc26584741da6fd678df
6d3771ff896dc6d8be9942e8f3f4165e117a695229bf38f6f89fa3d503266895
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
71f4499efa56831796e734d4e39cbc3943f9cc94d43498ae41b4cf7a85c15583
72153d15f8cbe7d72aee6702366ad511156c8ffa198b94cedb47aab2304a9948
72fc4743c7c82f8cdcebd6c1e5fe20ecac89bb2125990a606f8a887d5791242f
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74e1bec92cfb3c7502f1400de9911ba46b2d2575c4a5a7b164a9df4f8f72e3b3
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
7772ea94f26e103786fe2b02699df808d912411a9a998348251532d9f49ca102
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481
7e8f8b1b5e5af237b5921899b57994bfe2ceae01e7b0cf36074ff26cb2ea5250
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f9fbc93ba4bfffbc6360421aef68fc015fb73b299d89138e6e87edaa0a4a010
805112d0bab5a79f90644494f65296ab71f6be2207af4444fbabbab98c9c88e6
807ce7c54a9770500913377d37c5771b5660f785da3c8ba8c32fa0916f648165
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836c676386a52e36ff0d32c01402c9b3741727564de5ba01dcb1b7159de92181
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
874b4ba5f7a0cab9e4b2a6c6636c7db6224258d8fbab1fc3748712400d5cf118
89e366ab900223d921632837c0ecd38815ea0c3b5b2fdba5ce3638c7c1d51f4f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b6f510c76d49c6b1f3ce31698a30b4ae9aa10b553c3c8306de4366eb42e012c
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
90b3887be71bc5b00eeac2fd26821aab1f5670bd1ecc0c02173652a8dfe8bc07
90cc116fabb1aeb4791c3b6e963f2ae1e062a48562c472f77b900da776c311ae
910761bde2f2f138c8503ca39c283da584c901175f655b996b9a6e7fa4afe307
9145a1b5941a698cff3ad558184cd813710a61ea765201ee9465fd2cd8cae663
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93a0e06792b214641ec1b5af043cb732c0a25d1ccaeb442c10c85ee638673c82
95486b3d18b5199831c4b1dbb68123f7a5a3d9344063f1aecc16efdfcdd1e148
954b3fda838a7666e6e9df9d3f856f317e0ac130bf5e8778b12ba575fdebf729
966e44ecf48d974c5dcea1ae467e4bc8cc9a010d2401566364c6a2eaf8361531
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
993a112fed28aebb10e2297da40f97e06e693040bebdfd6afcd6077e83b558c9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e153fa13b756ee34fe31561a2df595d42548d16627798a11db683e166f84bb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e1eb4e6b7c361b6dd9fad9b9b7f7f29bacff9af033586fa160ca87b963c707
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a303866e07c77f2f1ddb7e51e59d650e71eba5717db248a2e891f0ccffd0971d
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b
a969f99d61e55b7898a3bd95cf51fc47dd0653556858a39449f7fb84105ae3f0
aa58fff3fb75a00c0a107c1b2e58c05e1d8d4cdaa82a0ec379cde47e53e19fcf
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adea4fbe0d06734a8bf999e9755dc5a75fe59f81f7bc96c16ff863888cf2bf6b
ae837bfbe21055184f9b10ca37df92c859ee586a2791a44d5646155962934291
b024be8a1bb1f0e794fef6b98144d8f49c8437bb7902dd6c4e51fc64a2114a18
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce
b5641039f8bc879e8e6edcc43fe41fab39d0715cfe9d65f260fad6461c920c7b
b585b5dfd5686ec81f8ce1e1b59feef59e251978b28fd3be530f019f7a91425f
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7669e1a4abbecc9096bea7c443247381c2dc3fc43c787d5b8719bdf3592dc86
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
b881933fe54cb1f5fff57af861b24625152804dc14462501e7f1fde3b11fe4a1
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
b98e49c162c8631d0e2798d2664e4d82671939ee4f231e644af185f5770195c9
bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc02b300f62e91c95f25697557040a84d6af011a9bfddab8c9be009cdf5c7c81
bc0cec8650f54b210227406c6b864a115de29bffd7f520692de14b04c95f3a7c
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
be5b88e3780a469273b0b219bafd9f7952ff699980e266bc7760f7a655ca1ac0
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
bee72a29b6ecc42393e0de2afc626e13bd29dc5cffc0362e9885c88abf38466c
c03fe70fc87cf15f2f3fb55bff2290d161f628433b49bbf99fe62381cb8fd6aa
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24786bb6e0044b707b2c070449f5e350dca9223b644d62be8b12270fd147071
c62f8963a2302a44b2936e42c46d3cd3f4572129c8acaf45f1bb1d021bd60d1b
c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d
ca792211e738471f09c85bee47692186a8e2c4f986a24e81097ab7c9695048d0
cc25262f1277646f3a456c79946112b106b0b8b47bcf9abe3add99c8a8f1761c
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d09bd8e3d503bc79eb1482fff8be68b0005fedbc286b1e54ecc817af53bd7272
d0bf88e55eb804baf10864876ea382243e9a54df8a75abff1e508cd8a8d166a7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1b974ad7f7d096b88f95cc333f1a0f381a2966e823723f18704207d1f4b7e18
d533d84fa364da836b2c2f13dce321389070c14c9f9d3322576e1a3681a0cf7d
d77fa5f55fed897470bc435b7af9a61cf59dd4e49ac3d0e445def2f102e28881
d7c3e7534ac1adc01001ecd2d17f6b61e325be9826a7786e7eb54610a3ed2aa5
d964ea04b3ae030749ca8d981748bc5a13171e59363ed99be1e57e758e90e8e4
d9a56feaeed5ec4e20a9e2e86bc2e53c59545a927d70dbd367adcb6a652c3069
dbd25ac4aa255b6b7c0c99b95f9a74d1eddd4168f29eb6ea15db37f6554a1717
ddf719261a7ab0d9887096946933aa89a6c212288cf236107392eb69020bf40c
debd11fb5d53c51551327e0b492e4f7bdd7fd92def38bcbc3574df784b327e9a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4614773e09d59a47c7deb001616cb379dafb917716b6eafb5e580fae946f689
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5b51270f6a49d0c09de2624d78c98b55122555508d54f77a9eec37b735a7b7c
e690b007a72c30a72e0eb7618678874d0b3fce48c83af10e6f974d4e9e6a0754
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041
ea12fd067f88b92064d51ff4fdade5a18641064019a41376ddaf783ecda6756e
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ed06352583ea81f637c768d64a743aaa3ea532283a8c2e9cd9779e9d543c058f
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d
f20a6d4f7446e90fb990e543c1307836a217e5e61104d8dc0dfcf82bd3c8d616
f32ec7a452af020a426f77bb326ece4e42276a194b650aedd1287ee054fda884
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd
f4621b135cf8e12f08c1b6101756c2eef99a2a7e639033bb89d2ffcf8104cfd2
f51dbecaad3ef88b62304fab4f3ce8a97503b92ec7b0b2cca951180660093ee7
f58b1853152b9ac59e6640fab71b64a264d25064f2f10b9cb2ebfee39cd9c4db
f5b7aeebf91f7bb4be867ba6dfcc9be0c655baae5ac3a9702dcdde051bfb50bc
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c
f95323ba460c20c10cbd662b20b56599b925eb78b9f86292d2c4dbe431372bc1
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe8e952bbc815c54ae980c69f8b242287d476dee3da64b994eafcc1e3d1c727f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff2473fcf2674534243b8a32e45ea2c1949f6063bb2bc74438971ad7dc3236a4
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8