3rd.bada.io Open in urlscan Pro
188.114.97.3 Public Scan

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 185ms
40ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7587FF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 May 2024 15:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5058
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 14 May 2024 17:41:03 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 218 KB
59 KB 186ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 3rd.bada.tv
URL: https://3rd.bada.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 May 2024 17:05:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: zpb0AebEhxnwiWINVcD1A7RTCGQPh5DLTNhHwn0RgqM7FZ5Dql4KNCOlvKPsSTk4VOMmWbwz4bmgDddV8fehzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 142ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7J7NEE5NDW&gtm=45je45d0v887830944za200&_p=1715706321644&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1513377648.1715706322&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715706321&sct=1&seg=0&dl=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2166
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7J7NEE5NDW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2WYZ67W68W&gtm=45je45d0v9122551882za200&_p=1715706321644&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1513377648.1715706322&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715706321&sct=1&seg=0&dl=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2200
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WYZ67W68W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 49ms
49ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2WYZ67W68W&cid=1513377648.1715706322&gtm=45je45d0v9122551882za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WYZ67W68W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
66ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2WYZ67W68W&cid=1513377648.1715706322&gtm=45je45d0v9122551882za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1356679797

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NVL7K8CP2B&gtm=45je45d0v9122553399za200&_p=1715706321644&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1513377648.1715706322&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715706321&sct=1&seg=0&dl=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2228
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NVL7K8CP2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 51ms
50ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NVL7K8CP2B&cid=1513377648.1715706322&gtm=45je45d0v9122553399za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NVL7K8CP2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
65ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NVL7K8CP2B&cid=1513377648.1715706322&gtm=45je45d0v9122553399za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1136835912

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events
log.outbrainimg.com/loggerServices/ 4 B
444 B 497ms
121ms XHR
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1715706321965&sessionId=e75af3d9-ec8b-0758-df18-04f1e93c9d99&url=3rd.bada.tv&cheqSource=1&cheqEvent=3&responseTime=282

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

server-54-230-228-64.muc50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 14 May 2024 17:05:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 7d99baa71690f707b30029b3475c9fe2
Content-Length: 4
Expires: 0

POST
H2 200 collect
www.google-analytics.com/j/ 16 B
219 B 48ms
46ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=976132881&t=pageview&_s=1&dl=https%3A%2F%2F3rd.bada.tv%2F&ul=de-de&de=UTF-8&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=2108594796&gjid=609108679&cid=1513377648.1715706322&tid=UA-2556552-9&_gid=2102838757.1715706322&_r=1&_slc=1&gtm=45He45d0n81W7587FFza200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1557361711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e5979922753cf3b8b069.js
script.hotjar.com/ 222 KB
55 KB 126ms
47ms Script
application/javascript 54.230.228.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e5979922753cf3b8b069.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3685459.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 12496
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55998
last-modified: Tue, 14 May 2024 13:36:29 GMT
etag: "dabac5cc8e90131b43632bc82895bb8e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: l6W-sEPiKxUGPrd0QLAJfk9AV-5uSnYtmym6wn6_pvKA_9beHgbewA==

GET
H3 200 pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/ 454 KB
142 KB 126ms
41ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 10:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23322
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145002
x-xss-protection: 0
server: cafe
etag: 8410536799634492291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 14 May 2025 10:36:40 GMT

GET
H3 200 ppub_config
securepubads.g.doubleclick.net/pagead/ 65 B
79 B 157ms
73ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=3rd.bada.tv

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55
x-xss-protection: 0
expires: Tue, 14 May 2024 17:05:22 GMT

GET
H2 200 1969197600059401
connect.facebook.net/signals/config/ 56 KB
12 KB 174ms
173ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1969197600059401?v=2.9.156&r=stable&domain=3rd.bada.tv&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 May 2024 17:05:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=65, mss=1294, tbw=63355, tp=-1, tpl=-1, uplat=131, ullat=0
pragma: public
x-fb-debug: JdYHvsOPyKQRHMDmkdJ3bMioYpmWsH7R49hqoAIWHRLVpg5ZYX1bSW40Y1f7dI+Gq8oZ7qCDSs6m4tdPiu8ZQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect
stats.g.doubleclick.net/j/ 4 B
25 B 49ms
49ms XHR
text/plain 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556552-9&cid=1513377648.1715706322&jid=2108594796&gjid=609108679&_gid=2102838757.1715706322&npa=1&_u=YADAAAAAAAAAAC~&z=1199274301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 May 2024 17:05:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 249 KB
88 KB 69ms
69ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64TNV9EYRT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 17:05:22 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 150ms
64ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556552-9&cid=1513377648.1715706322&jid=2108594796&npa=1&_u=YADAAAAAAAAAAC~&z=1937576992

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
64ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556552-9&cid=1513377648.1715706322&jid=2108594796&npa=1&_u=YADAAAAAAAAAAC~&z=1937576992

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-54-230-228-64.muc50.r.cloudfront.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 421e7b50-0a06-4465-b49c-e5957c030267
config.aps.amazon-adsystem.com/configs/ 563 B
839 B 141ms
39ms Script
application/javascript 108.138.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/421e7b50-0a06-4465-b49c-e5957c030267
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-117.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:00:37 GMT
via: 1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
age: 285
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: 0z8_omImqDlcV5uQn79RvkG04EsKHMuR1wSvQ_mo9EmxQQeUD83QyQ==

GET
H2 204 config
c.amazon-adsystem.com/cdn/prod/ 0
300 B 141ms
140ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F3rd.bada.tv&pubid=421e7b50-0a06-4465-b49c-e5957c030267
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:21 GMT
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://3rd.bada.tv
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: DdUQIECBzHhTSbuomlpRHVEs6oEizT70ufATcwjHaUjvqhOBy-0nZw==

GET bid
aax.amazon-adsystem.com/e/dtb/ 0
0

GET
H2 200 aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 126ms
44ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
date: Tue, 14 May 2024 16:11:49 GMT
x-amz-cf-pop: FRA56-P6
age: 3214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pAu6TtqzIwG5_Xt9OwsZQZU0UxA41cVyMmtrH43FXQBK2bBhufmtHQ==

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 5 KB
0 281ms
281ms Script
application/javascript 54.230.228.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e5979922753cf3b8b069.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Jan 2024 14:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 9599595
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZzgfBEV2yCN6lxNd8csjEh_VraYP22FSR4utQBr0wKLX5QJanJAHaw==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-64TNV9EYRT&gtm=45je45d0v9122550739za200&_p=1715706321644&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1513377648.1715706322&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&sid=1715706322&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2496
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64TNV9EYRT&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 126ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1969197600059401&ev=PageView&dl=https%3A%2F%2F3rd.bada.tv%2F&rl=&if=false&ts=1715706322232&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4158&fbp=fb.1.1715706322231.285112192&ler=empty&cdl=API_unavailable&it=1715706322045&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.tv/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 May 2024 17:05:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 bootstrap.min.css
3rd.bada.io/assets/plugins/boostrapv3/css/ 97 KB
17 KB 63ms
62ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/plugins/boostrapv3/css/bootstrap.min.css?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da2c168e734f1339448ae09197a654b513c13bf69e1e5ec451a88fd737897f70

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:43 GMT
server: cloudflare
etag: W/"5c170e4f-18426"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaDN1SlUGeQt4PfhFh3VWTux6TYqSu3Mv1lcasF1%2B7upqFXXjhiYC6NcKEcLGU%2BtRsp4jH4PFoMZPkcxNjy4F%2F98xKYdgB%2FKbLNCByy7vsnyTCsHErDcAmCmK93dWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903cf0cbb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H2 200 jquery-ui.min.css
code.jquery.com/ui/1.11.4/themes/smoothness/ 29 KB
7 KB 178ms
55ms Stylesheet
text/css 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.min.css
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8964f1fe20bd22829aa12283e7e59515e7fc658348810e00c55a4c6c1c368628

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 18185215
x-cache: HIT, HIT
content-length: 7323
x-served-by: cache-lga21938-LGA, cache-mxp6982-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715706323.653876,VS0,VE0
etag: W/"28feccc0-7545"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 8585, 7015

GET
H3 200 style_new.css
3rd.bada.io/assets/css/ 23 KB
6 KB 63ms
56ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/css/style_new.css?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c41c4e8a71b7a2dda8701aa0ac6f285c113f04e5035d05cb07bdb7f5347132f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
cf-polished: origSize=31535
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: W/"5c170e50-7b2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rj1iWbsOyipV%2FUunGlfyF6d%2FePjvQbOqPlsY5rjaouV0prS4hai8h6oVgaG6eIObD48yBpSyei4vmXU1oIcgRnnylNMrm5xhI56dLA5gmiYedxl%2B4l8YLG%2B93bab8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df1cbb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 custom-icon-set.css
3rd.bada.io/assets/css/ 3 KB
1 KB 104ms
95ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/css/custom-icon-set.css?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ffc8ad5188c9e5cec0fb6a426d2cd00a22c2df7543f3d37e07e0cfe6cdbd95

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
cf-polished: origSize=4243
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: W/"5c170e50-1093"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAA91%2Fy77cFZ%2BZs7fUz61LfslyctYoyo6vYJHyd6nZLg6O9b1Pfpxza7h6L6FzrxE7z8eOaaRZGdFiLlFnyFqmrbBb9jupOSiVo65KCDY4haTh2E5rFnmSAwAZtqEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df20bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 custom_menu.css
3rd.bada.io/assets/css/ 13 KB
4 KB 107ms
98ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/css/custom_menu.css?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8685e74306b34eee3cbd7c9dcbe00f77488a7022535ced9b9dbeb4c69292ca5f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
cf-polished: origSize=17680
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 25 Jan 2019 02:19:37 GMT
server: cloudflare
etag: W/"5c4a7239-4510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EocUQuqFooDFLQO%2FUxb3LcMw4uN5XOHphGdtxwOlzDn802ZS2rX%2Bp%2FdTxaAaDYppvHhEO34iMM0LfSaheH9uPa%2FMhTN4gG5HZU%2Fn3hxG8YOjXuDFRP363WoPVPwvYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df24bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 slider.css
3rd.bada.io/assets/css/ 4 KB
1 KB 70ms
60ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/css/slider.css
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b3571b071f8996fb21d18dded16dc91202bc2b07bd9425b86b464f8968034a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
cf-polished: origSize=4165
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: W/"5c170e50-1045"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q8CQiLatz%2FcSBVG9sgomrRZQVZovTssWJk2YLakSKnhWlLRoFVCUKNTPQINZDehhq87i%2BNhGH%2FTuvmPmGHC%2BznVDn111THDEjLh6n4lcbExa3EpAhKQFJEoIuoftfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df29bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 king-style.css
3rd.bada.io/assets/css/king/ 26 KB
7 KB 108ms
99ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/css/king/king-style.css?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f49f13e5a647c2a6e8670a655bf65ff664b173ac2e8b135d86675a36813b7b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
cf-polished: origSize=33589
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: W/"5c170e50-8335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vlN2PH4rAVjQfs5ADRYe9TY2H8j5feMk99TLFTMCU4xuMs009wcur4uK2f5%2F8Ts9WT52nfrXJt%2BbO%2FKANAc8PBtepRSfXGjB2ZxFfV225Ifx%2BONUDsC20Av9Dp3NuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df2bbb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 my-style.css
3rd.bada.io/assets/css/ 9 KB
3 KB 109ms
100ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/css/my-style.css?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55887bc05e20713bad7bb1c9f60491e5f3288842977b967b08d9e247a3414a7b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
cf-polished: origSize=13239
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: W/"5c170e50-33b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rM1MMgSDfY1mQG5KG5FyDjJAqZ2CTMIhmBr1T%2FInIMn0uyx%2FWlzU8rQDmPMseHwXJuiYRK%2FF8JlN0XTTT8qXhtW%2Fzcw9AiwZYNp7cVGfmmt%2F%2BOpsJoJINQkxZ01jXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df2dbb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 my-responsive.css
3rd.bada.io/assets/css/ 0
528 B 109ms
100ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/css/my-responsive.css?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: public
cf-bgj: minify
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: "5c170e50-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cO6SnpApWnt3mt6YViVoH0zd%2FworAKhW65S%2FKHYjETZseLN9l%2BvVCOYHXf216z72cHfBhCjehWWObEP%2Fp0oU3tPwSTN1wLo%2BHZRqSdI1sGTh9WDUEEEHxKh9EefJGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 883c7903df2ebb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 95ms
52ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 521481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BWXd25OxHsu4vX8%2F21WdZX7SgJFRw83HE%2BVlcLZB23flerHZ5gKK1xgTk0yuEb17i%2BziR%2B2lJivnHqHaWpblyz4%2BTdq74KMJxTXYMjsrAbIljyL%2B039vPC8R21BFTaDUZHAoIcM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 883c79041b4d9756-FRA
expires: Sun, 04 May 2025 17:05:22 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 151ms
94ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1078
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2443890
cdn-cachedat: 03/18/2024 12:28:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5e4d53437a90cba0ca0545e9504ae32b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 883c79042afc3486-WAW
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 717 B
779 B 141ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 May 2024 15:44:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 May 2024 17:05:22 GMT

GET
H3 200 jquery-1.10.2.min.js Show response
3rd.bada.io/assets/js/ 91 KB
33 KB 108ms
100ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/jquery-1.10.2.min.js
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1a56367032d031feb64ec8dda18f6fc4722d20ccf9391fdad5942e3d46fc31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:45 GMT
server: cloudflare
etag: W/"5c170e51-16b87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TT6JSvcSyaktw4R7ca8oCJe9jeuXbouZ8T2anx3roVIxG%2BJcS042AOFy2F3d%2FI86NxuVMTKkyvqKSM3NAcll3ycM8ee6TXy7MKWqZALY0cS6Kqf8dNQwSK%2BL575Kgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df2fbb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 jquery-ui-1.11.4.min.js Show response
3rd.bada.io/assets/js/ 235 KB
64 KB 147ms
139ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/jquery-ui-1.11.4.min.js
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:45 GMT
server: cloudflare
etag: W/"5c170e51-3ab2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPcyki6ndXtMpeyQFVijNzuzgyBIuvdB7y%2F1uTfS1XxqWWg32%2Fd%2FkD9BDgiDDFCxT9p3%2FZF3yB%2BIui%2BJxIdr9B7rB8aoBwPhkKOEqdFsbuLvikii%2BRMeriDS8jf4Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df31bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 bada_common.js Show response
3rd.bada.io/assets/js/ 8 KB
3 KB 186ms
178ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/bada_common.js?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f5c6cef119a8e66fc89b74057a9afca9ca6019f9ddcaade8b348d725c87776

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Tue, 26 Nov 2019 07:39:46 GMT
server: cloudflare
etag: W/"5ddcd6c2-1fb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZu3TakCkMeqTUGKa%2F8Xg6bdKV2h8b1LNyt7aWjq068tvZqrhmxvGuX%2FYFmz3SmiiWrdOqBj%2BnAe5Js6LABhxHPJHGxYwuslHHCKv8Kdo7g7eGgdyP4c0u54JsJiVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df35bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 custom_menu.js Show response
3rd.bada.io/assets/js/ 9 KB
3 KB 183ms
180ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/custom_menu.js?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b0f49b0f2822dd9c5e8bdb04540dda3819a343e5202eacd5267e897a07bf66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Fri, 08 Sep 2023 00:24:55 GMT
server: cloudflare
etag: W/"64fa69d7-24e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7i6QKFGYm%2FDj0l6Dtkxx1QpNtY8D2ldg3p2p07P8UpGvP2l9lJshzCPdrKPS0CGawNVOUm5n9wxSC5aKSgMuEt14f%2F%2B%2Fmltu%2Bc%2FeXfDOGidgB2JIxM%2Bt2BUh0Qz5Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df39bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 bootstrap-slider.min.js Show response
3rd.bada.io/assets/js/ 7 KB
2 KB 184ms
181ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/bootstrap-slider.min.js
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07ba91986972a1d1ea89263de13598b234133b83cc3fe4bf36cb61d8fa8864e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:45 GMT
server: cloudflare
etag: W/"5c170e51-1c17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZnV3ZJMfXE5r7uxKdtuBoXWxIduiyyWvTrRuIrEpFqaiIf5G4KoPehvEn1kqcTyFSSTXYZl2FOueVstnLhh6w3XvlNiqq4Afjlc21zSAvASpkZGFKWOkD%2B4zvy%2BOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df3cbb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 masonry.pkgd.min.js Show response
3rd.bada.io/assets/plugins/king/ 25 KB
8 KB 186ms
183ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/plugins/king/masonry.pkgd.min.js
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7563ec9314f0ecc707041c1622bd3b7407fd2ce72b0719fb26baaa6a40652c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:43 GMT
server: cloudflare
etag: W/"5c170e4f-633c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aG%2BFGm0cso%2FH9bcBuQ7CahBossC6JoXfB2C%2B6vQaX6sqr6uJig%2BdRrH1VwTqXvkgm9d09U0%2FYYRWjMAFEc4cJB2YQ5FZqa%2FuXEA6D7eZqvdzcCtJe9hgXy7zV5sZKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df3fbb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 advertisement.js Show response
3rd.bada.io/assets/js/ 25 B
578 B 187ms
184ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/advertisement.js?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca992e4be6be67a65f1642187f3d7fa126db6e34a8ad4bceb9021641442fe6a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
content-length: 25
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:45 GMT
server: cloudflare
etag: "5c170e51-19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYGJhzHfGeCQpFfILk%2FSXva%2B5KXP8%2BJ9uatOV3SwKL56lp3Tw6y%2BwueHoVoz4z7aEGOUBuDF%2FdYmFoeU%2BhFr8rxEqsVUWJaPnK2ES11B3dkVsJ92TGjmF6UBhur81w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 883c7903df43bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 main.js Show response
3rd.bada.io/assets/js/ 4 B
552 B 188ms
185ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/main.js?v=1.2.4
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e6495ed98e4dd733893107b4450f9e22ee5c1594ed885e43bb167974a0fe6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
content-length: 4
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:45 GMT
server: cloudflare
etag: "5c170e51-4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FnsfHzfPuj3J9Zi%2BeUG0nRzEhGWthE6Yz60%2FCVesq0GGxnaVE%2FZlriGr9gYcje16Rtq%2Fa64HxpaTyQ11dfJA55GNaPBzpeWq8hQ6tPIlBd5qGdVoMRk8l1orW7OCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 883c7903df45bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 116ms
66ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 2550961
cdn-cachedat: 10/31/2023 19:01:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4becdc9104623e891fbb9d38bba01be4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f583464d877c7caa4408787a75be772c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 883c79042af73486-WAW
cdn-requestpullsuccess: True

GET
H3 200 plupload.full.min.js Show response
3rd.bada.io/assets/js/plupload/js/ 111 KB
36 KB 189ms
186ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/js/plupload/js/plupload.full.min.js
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9a85dd56b70c3be8eee07fa7cd0947950d174332ae7179fcce9b6bc6e05765e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:45 GMT
server: cloudflare
etag: W/"5c170e51-1bb5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNI5CSs504umvrfsHvGSKcjjVniGyxP8t2eUS%2BwvaBl9jzG0i8o8c%2FKXky6a2W9N6vPLlC3UmnF%2F64GxDbi9R9n%2BB8DhNTCY9QCKcKfSyBiK0FTz0c6Ht0%2FWw5l1XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c7903df46bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 238 KB
87 KB 125ms
42ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-86.deploy.static.akamaitechnologies.com

Software

Resource Hash

bbd58cf093a87b16bc7a43e60d724a09d88554a06a7603f65b9cd965e47d1b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 14 May 2024 17:05:22 GMT
edge-cache-tag: widget-cheetah
x-traceid: 751bc990baabbfd1877c46344b24cf9
content-length: 88457
last-modified: Wed, 08 May 2024 10:52:09 GMT
etag: "3d-M9fmPpc3I4w93vTLKkITzpp+Dg0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14500
access-control-allow-credentials: false
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
102 KB 165ms
75ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2YFQR27YKW

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a683023aec9c5a7b13caa0e0c0da03b2b1c8f9d67a08ea5a3b2d480cb41d082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103539
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 17:05:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
73 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7587FF

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bf928117527844dc99bf631402af7d335f0c7515c959ec95aaa6c740a7e7a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75090
x-xss-protection: 0
last-modified: Tue, 14 May 2024 16:09:37 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 May 2024 17:05:22 GMT

GET
H2 200 pageos.js Show response
cdn.intergient.com/pageos/ 2 KB
1 KB 155ms
55ms Script
application/javascript 2600:9000:2250:f600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/pageos.js
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 97fce9aa8966422e96dfe69ba9e046e8bc1b9c4c012d1cdba7c757bab58a4f84

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-lambda-function: us-east-1.pageos_production:418
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: TenO9a305UW324PashQ7bGhKXQ1-xa1nUyoSmzExtC80Ne2P004JZw==

GET
H2 200 hotjar-3685459.js Show response
static.hotjar.com/c/ 9 KB
4 KB 172ms
76ms Script
application/javascript 18.66.192.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3685459.js?sv=6

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-32.muc50.r.cloudfront.net

Software

Resource Hash

59e9a02c60d8acee04344898a7af212ea9acd5f3f0bfd5a3eb6be4dbcaee1731

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 May 2024 17:05:22 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/2936564ff7cac762372c0ff33fcf6121
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MzGuyMH_ba0tlxOH23NOymgPT-0PKLmL6kWSGD2U91u-h2AD5Hn6Pg==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://3rd.bada.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:02:21 GMT
x-content-type-options: nosniff
age: 32581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:02:21 GMT

GET
H2 200 topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame C187 0
0 132ms
48ms Document
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2F3rd.bada.io
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://3rd.bada.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=14400
content-length: 667
content-type: text/html
date: Tue, 14 May 2024 17:05:22 GMT
etag: "a52151dbf5b2ca563e40ccca1ab8228c:1715186858.842454"
expires: Tue, 14 May 2024 21:05:22 GMT
last-modified: Wed, 08 May 2024 10:51:29 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H/1.1 200
OK M3JkLmJhZGEuaW8= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
534 B 129ms
42ms XHR
application/json 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/M3JkLmJhZGEuaW8=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 14 May 2024 17:05:22 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=5534
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 8c7ac5e69b352dffef9bbb202cdf11d3
Content-Length: 15
Expires: Tue, 14 May 2024 18:37:36 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 71ms
71ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 13 Jun 2024 17:05:22 GMT
date: Tue, 14 May 2024 17:05:22 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 etoland_9251923_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 20 KB
21 KB 844ms
841ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/etoland_9251923_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eb460a2517ad2f7b4bb04f79c6229ef5e237942e340d62e918b3e3284fa2845

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20498
last-modified: Tue, 14 May 2024 15:21:28 GMT
server: cloudflare
etag: "66438178-5012"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0kkThDxg6zj0jMnhPsQTvOIC%2BY0%2BmTAyaavroHtFITom4h%2BJvJj3xApVBZrFLKQNsdI4Qe%2FBFUVaeQ%2FC9SWYlNpLg89YlRW3saLw89pJYfe%2FqrUSdSwRkAAfkB6Qj8S6"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c790589d2bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 etoland_9251703_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 23 KB
23 KB 860ms
857ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/etoland_9251703_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a05cd70df388313d187b5ae386f657b9fbe838311c71ce4f27c4b8b5aa1b7a18

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 23414
last-modified: Tue, 14 May 2024 14:43:00 GMT
server: cloudflare
etag: "66437874-5b76"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEweKjQ4Bgzg%2B4YMcF4vr%2F5j2cXrpZ2AktJQvy5r3Cz4ZyrLtNchrRhlqtHwgoUvS4JWlZsOsfoRqOu%2FaLinsx7rgRvYnOm%2Fb3j2PiO2NgkgU1l8SEorTnTmVT0%2BzVua"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c790589c6bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 fmkorea_best_7028930330_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 16 KB
17 KB 875ms
872ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/fmkorea_best_7028930330_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842e020f7ffc35fe4a99cfa4013f3a98b49f33b4b2649cb1f85a9db1ceec4c94

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16790
last-modified: Tue, 14 May 2024 14:36:19 GMT
server: cloudflare
etag: "664376e3-4196"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dCeA6t2G0eDpg1cAZZ8Za%2BCDbS%2FxOJuQkQzahi8Gv%2Bk52qb90tRKumg1RTwo05Aa8FFe017lOzJtLcN7OfuuhkYtydNBlA864lCsc9C7uPFc8VyUZWUB%2FfW1kYJ3jYg"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c790589cebb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 ruliweb_66057273_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 33 KB
34 KB 1128ms
1126ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/ruliweb_66057273_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9645ad46446ef1ee4f9c99b1393a5ce11e7f9c789b072d76d040d4fd53c1529

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33968
last-modified: Tue, 14 May 2024 13:22:57 GMT
server: cloudflare
etag: "664365b1-84b0"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTJhkRe8H5PglzMhR90agD1a%2B9WOi%2BqtQiA8lSrNiMEsmCroxBI2U8zAYcjFcG8rNbFs83SGRyaJWuh9Zy1j%2FCEAWPGeEJxFa8VPEyKjCNgZ6OoElzQBDlhfU53MwnEa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c790589cbbb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 gae9_1RKXtk5XMHld_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 25 KB
25 KB 868ms
865ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/gae9_1RKXtk5XMHld_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96390fc616666c1260559078d6c8f7440e270380195bcdee253fdc00265c0bc0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25126
last-modified: Tue, 14 May 2024 12:50:40 GMT
server: cloudflare
etag: "66435e20-6226"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAnpiIOmCgtBsv0LAl18G9zVEFFZCR4ONMRFah%2B8V9OYSsKPfDljUFJm9kY9qbpEv9LwPP8EZBrSBRET8ADH%2FHiK5uOXivAecxhexwHNqMk8TI03HuViCTunBer1LGT7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c790589d4bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 ruliweb_66055338_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 15 KB
16 KB 852ms
851ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/ruliweb_66055338_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360ababf2f11203e5d77a5a7d2ae3f476e133a17deb5c56e7b4b70786fe72bbd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15464
last-modified: Tue, 14 May 2024 12:49:20 GMT
server: cloudflare
etag: "66435dd0-3c68"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnKKOWxHjOdpSW91Fe8My%2BDycERGVYFB7CJ4OigYwnv0by8lWyrYpWd0q4ZZ9wiLictD%2Bwx3NPjeSrn7Fj0auiWH5Jvj8k6MsQODOPXBqF%2BFghXJvT32I01xcKm0e9VW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c790589c1bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 etoland_9251298_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 23 KB
24 KB 844ms
844ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/etoland_9251298_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcfa4f44e903e94e2cc516861e36b1d68544dbbb70e0af4c2f494d1ecb49b6a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 23928
last-modified: Tue, 14 May 2024 12:21:32 GMT
server: cloudflare
etag: "6643574c-5d78"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzFZ%2BCM9Rom744tWcA89rEc8UBDU3tS7%2FW5y94Psm8K0dZBljtLzHKEM8teATs5D5UV6cMAe5fjkuRNl4M0O%2Fx%2BsIRiSh2yMmr8iQhw6aytDbP39gwPZfcIt%2FMGrt%2BFH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca8bbb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 gae9_2RQGf9Mg6knt_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 42 KB
43 KB 1101ms
1101ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/gae9_2RQGf9Mg6knt_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 286105f5b59ba593f22b4d716d95d9ac6762542f588fc6ab42f1d4a040c00fd0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43304
last-modified: Tue, 14 May 2024 10:50:17 GMT
server: cloudflare
etag: "664341e9-a928"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUe6Jm%2FLVpyiRG3kWAxDuabdzLy2Cw1XsEwiybf2NL77G%2BU6hp5zNyfZgnXR7VHERbP5Vp%2BgykeFYIDWFhEjs6zT31uANIMyOPyWRyHnDiOWj17FQE%2BNHTixiy14feU6"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca7cbb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/bmqnj94DNUg/ 12 KB
13 KB 128ms
40ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bmqnj94DNUg/mqdefault.jpg

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6915e2ea5e7f20e67a069ada79e7fe9d5cfeb171da632f63ce0a880a736a80bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:20 GMT
x-content-type-options: nosniff
age: 2
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12401
x-xss-protection: 0
server: sffe
etag: "1715658426"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 17:10:20 GMT

GET
H3 200 theqoo_3230682590_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 26 KB
27 KB 106ms
105ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/theqoo_3230682590_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdc225b68ea1d65a6c8f1a9df6e767637142ddfbde8c7fccd9cfc1b73be89644

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8583
alt-svc: h3=":443"; ma=86400
content-length: 26712
last-modified: Tue, 14 May 2024 14:40:23 GMT
server: cloudflare
etag: "664377d7-6858"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLaN94kUX9xyD1xl02H8umxtib08FSUHJdAPkYYBYTt0BXunL%2B6y%2FDCaAG3Ibt1Rk61wWlgnltE0QXCYoSrfMhMzKla1bpyDUXQh%2BsY0rc%2BO8vdqg4NKRfUuuzkofBTK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca81bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 14:42:18 GMT

GET
H3 200 bobae_best_741102_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 18 KB
19 KB 105ms
104ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/bobae_best_741102_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 046d1db6bda2f3c2fa5ed868ab5ca8b8030ff9576a0a9de06fb32b35fcacff4c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3235
alt-svc: h3=":443"; ma=86400
content-length: 18716
last-modified: Tue, 14 May 2024 14:40:16 GMT
server: cloudflare
etag: "664377d0-491c"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18yPZaMpX7p%2B8AksSQlgb2nyJM2zHXn%2FOTAvCIrvkzms4SDoRJuFxGI8NKUDhz7O7oq2wWOgxG5vtK7HNkuNfPG8hm01DTAJ7guGHPNWKN%2FKT3YRbr8IRjuZVfZos8ol"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca7dbb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:11:26 GMT

GET
H3 200 fmkorea_best_7029145292_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 13 KB
14 KB 70ms
69ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/fmkorea_best_7029145292_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3535544965fcf912b8d19ad827d4678e10e2ae0343696b5e0715d3017992c300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3177
alt-svc: h3=":443"; ma=86400
content-length: 13618
last-modified: Tue, 14 May 2024 14:19:14 GMT
server: cloudflare
etag: "664372e2-3532"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Se6uNnaoFd7C6OwJrhIpFUJIghb1Zrp8N%2F4Xnm%2FVWy%2F1Zc%2Fm2DxvlyfMXHKpjhVkud2RUWNRg9AAV8LtSjICEIR0mpwnNLVXUg3%2Fq5CsUV4f1vZ25cwNcyBzUJP%2BSUJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca74bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:12:24 GMT

GET
H3 200 etoland_9251548_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 14 KB
14 KB 67ms
66ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/etoland_9251548_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83f27fccb892d4c5e14850d341adfecf56238129fb7410bf08f17e605e9c93e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3150
alt-svc: h3=":443"; ma=86400
content-length: 13958
last-modified: Tue, 14 May 2024 13:42:43 GMT
server: cloudflare
etag: "66436a53-3686"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXtLqchbrOPHTB2dEgaDGyiPH%2Briwn86sLjHHBIhN6cMK73%2FU9dKk713LfjOI77s5%2FWWGYSMQcPruVcUCcFjY%2B13twPp5YqQJeUSVzRBt%2FWjN9k0MlUZqhPELZApHVJ4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca71bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:12:51 GMT

GET
H3 200 dogdrip_557151861_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 18 KB
18 KB 68ms
67ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/dogdrip_557151861_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1391a07fe438dd8ab750deaeaca9a731f47c98526524960adcd3f0cfc82b2eda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3140
alt-svc: h3=":443"; ma=86400
content-length: 18388
last-modified: Tue, 14 May 2024 13:30:53 GMT
server: cloudflare
etag: "6643678d-47d4"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0g%2Fr3YLkihCYzpc0ZAHc0%2B96a4nx9wQZojKfcWnsCMnNMXBoIpHSg4gYqNzkptxuSOIQTVeTGuKZTxILBlFeJ%2FDj2i%2BW8e%2FDftmUBkGrDJ7Rm7ahDHvz%2B4%2FDW8r%2FvKEv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca80bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:13:01 GMT

GET
H3 200 ppomppu_baby_50364_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 6 KB
6 KB 63ms
62ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/ppomppu_baby_50364_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3711bf7222556e5fd3d7fe48b02e8b18d4d75aaa7b0b25e4cbe9ff001c5871f0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3124
alt-svc: h3=":443"; ma=86400
content-length: 5860
last-modified: Tue, 14 May 2024 13:20:55 GMT
server: cloudflare
etag: "66436537-16e4"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNpLvFDIE%2Bu2OATaQYp1py4Fg5b7mKXR%2BtimrAkVCNo6v4vfEB1eRCqWxak%2FOU3L9NpKQE%2FBtbPk6qFUtONLYYcxqlgIxncpgwkTFYqt8kZgttSS0tX4eO5EEuIiRgAI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca6dbb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:13:17 GMT

GET
H3 200 ppomppu_freeboard_8795238_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 7 KB
8 KB 579ms
579ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/ppomppu_freeboard_8795238_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1215b51af1227a32531b514770c5bc3141c8679865ffa24f14abc6790562fd21

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7630
last-modified: Tue, 14 May 2024 13:20:44 GMT
server: cloudflare
etag: "6643652c-1dce"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1oiLigHGTFVYmzNr0eDnq324p%2Bmbv7O9RlbjVhXVYQJyhcBeiSCh%2BWeqUYATiMhYeJpAwTWAIFBZntq9VdzFFhSDfrUxKsgML%2BkLcklpkPRZcg673zINryBEl5R%2FFri"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca84bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 17:05:22 GMT

GET
H3 200 dogdrip_557163104_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 30 KB
30 KB 109ms
108ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/dogdrip_557163104_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b47740bccfcac703feaff9a2ae044b292d9676aed8b1605d82650410bd12c13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7866
alt-svc: h3=":443"; ma=86400
content-length: 30466
last-modified: Tue, 14 May 2024 13:01:14 GMT
server: cloudflare
etag: "6643609a-7702"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Zy8XaVTqoApGeehnH6Mi5jw49R%2BDY8H8UYG7eF6%2F195ElzL2j5EzWkcKvaeW%2BzSk6q%2FQUPb%2FY6wV068LE4NRoVmncCG0U45RXECS64sPZGd3IttwKglrzoZixE7ml%2Bj"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca85bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 14:54:15 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/TCD7RTkKMzk/ 5 KB
6 KB 129ms
40ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/TCD7RTkKMzk/mqdefault.jpg

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74afbf9079d532772b3615da2703acd38f9c2717f971406e88a131bba61ab28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:31:08 GMT
x-content-type-options: nosniff
age: 2054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5241
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 18:31:08 GMT

GET
H3 200 dogdrip_557154308_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 40 KB
40 KB 73ms
72ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/dogdrip_557154308_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea7a416734a2b9e69259e99bfd0f42de89c441d9895f0ec82ce183bc56e190b7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3056
alt-svc: h3=":443"; ma=86400
content-length: 40666
last-modified: Tue, 14 May 2024 12:30:39 GMT
server: cloudflare
etag: "6643596f-9eda"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmLZHleIv%2Bt5ngQ80p%2FJhP5TlAcGSPWgaIb4NxD2BddTqMFi30pj8Udnkg7jtHqfeG0iyuxZQYWC1SJbRtiS0U5tW%2F0Ox47xw4%2BE%2BntuCWtu%2FtVr4nHDanSewtPWpnY4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca88bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:14:26 GMT

GET
H3 200 etoland_9249716_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 15 KB
15 KB 72ms
71ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/etoland_9249716_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6115c512f214175cdc824b0a1a57cc41224227d1f9d8b27f9328bcce7d855c71

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16428
alt-svc: h3=":443"; ma=86400
content-length: 15010
last-modified: Tue, 14 May 2024 12:21:46 GMT
server: cloudflare
etag: "6643575a-3aa2"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhIlt4oHbZcRmjKAkMmW8hf8qNBuVu9TzTGVJNqH%2FeCn5%2B0Qdp3Z8JGZA47w9OM87M%2BK%2B%2FJ%2BjuxUOEglbOOOpS%2Fa%2FBCFSTMOBtvYV3zhswV9VYNalVecRjKP%2BuMUuuys"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca79bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 12:31:33 GMT

GET
H3 200 dogdrip_557152967_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 16 KB
16 KB 121ms
120ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/dogdrip_557152967_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e624e1793bd87e73613850972f9cb58611604fe8ac69788c69afd39ccd94d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3027
alt-svc: h3=":443"; ma=86400
content-length: 16236
last-modified: Tue, 14 May 2024 12:00:23 GMT
server: cloudflare
etag: "66435257-3f6c"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5li0rXYeaek2ygdfHD7TjAMbZ43CFEdOOrQ%2BW8S%2Fi9IU7NUeKf7vGCuotly%2FXftiGnbTbeRV8nmeTzkQABaXzNGZHYQmWcXCbuprY%2FnxuwYe9URTs%2FXw1mCQPYDpMaz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca95bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:14:55 GMT

GET
H3 200 clien_18725028_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 11 KB
11 KB 149ms
148ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/clien_18725028_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974f96e35f8bab169707bdfc262055bc2639ab8d26d902404dae87282ca7d456

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3010
alt-svc: h3=":443"; ma=86400
content-length: 10988
last-modified: Tue, 14 May 2024 11:40:32 GMT
server: cloudflare
etag: "66434db0-2aec"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUYWGmpg%2BwjA%2Fcn3%2Ba4%2F9%2FhRVmRH1uxLpabG5ZmMYuKUC3EJ6BffbgC8rF8WYWcMw0YyD9xSZBKawg7J8sJ9qkVJyyhKuEYCLSVDqmeinlYbNu6JDi8PbpTtMt6ZXJNJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca98bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:15:11 GMT

GET
H3 200 fmkorea_best_7030024545_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 31 KB
31 KB 118ms
117ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/fmkorea_best_7030024545_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b148f2ca45c19c5192da352f0a40468244d125d1d3b155dcbacfb7c5088d48

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2981
alt-svc: h3=":443"; ma=86400
content-length: 31266
last-modified: Tue, 14 May 2024 11:35:49 GMT
server: cloudflare
etag: "66434c95-7a22"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1F%2FppGihIa3hn50QO50EOJTfxP4Up696L%2FCR7Yc1hbdi7f65pVvgjuYfasMkck5He%2FhN%2B%2BTLeBwrlkhme7TGZg5UuTmHlmSnVHM1WnZacRxxvEBZN%2BeNIa8%2FueqZqwF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca94bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:15:41 GMT

GET
H3 200 fmkorea_best_7028709258_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 16 KB
16 KB 118ms
117ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/fmkorea_best_7028709258_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 316279d99d81756a526d8d2a1ab658ddbcab5b54f14c10d3e3863413678b9d2f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2997
alt-svc: h3=":443"; ma=86400
content-length: 16218
last-modified: Tue, 14 May 2024 11:35:26 GMT
server: cloudflare
etag: "66434c7e-3f5a"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nh86M43AYfE3iSJVv7xoLIXl8p%2FRJm2uRHUBrfANN9ln2%2Brp34v%2FI1QzFEvmyDXtIcJRVLqgbtCQy1KMVoWgL%2FJ5uj0bPZqRhjol3jEzUYKE817njsoFt3qxyhuXDzCH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca92bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:15:24 GMT

GET
H3 200 fmkorea_best_7029553706_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 18 KB
18 KB 150ms
149ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/fmkorea_best_7029553706_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403c4854e11ae97e61a849b9eb9e7fe5b409d752a62877752759de66df1060f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2980
alt-svc: h3=":443"; ma=86400
content-length: 18352
last-modified: Tue, 14 May 2024 11:17:31 GMT
server: cloudflare
etag: "6643484b-47b0"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QK7jNRDrg4i2SoKGC5MOrNdQDHtRRcDOCRMUKLcqXE5LrohorGkCfYmb4b5oToK8UL%2BFAPyTZfYw%2B83tve3QpY94cYElNES%2FtQVbnw0185rBWx16ERotehu3yhS8EBKc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca9abb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:15:41 GMT

GET
H3 200 alrin_17012511_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 27 KB
27 KB 115ms
114ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/alrin_17012511_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b180d68e9be13074b6a97e88f9e4cfc12a26231046dd690e233b34ac1dc5e155

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21792
alt-svc: h3=":443"; ma=86400
content-length: 27440
last-modified: Tue, 14 May 2024 11:00:41 GMT
server: cloudflare
etag: "66434459-6b30"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNUS3CblaYNHGdZkZQtmgT6vGfpBNQaUxFyuDlB0qHUHOJea9i0NrAC%2BgaKxf53WcZTLRbzCwKHqgptS5kDCR8E1VVHCQ3h%2F4kztyKlmfQ2ZmXacc9y9XgKL%2BXqbXxfO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca8fbb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 11:02:09 GMT

GET
H3 200 slrclub_best_article_573519_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 13 KB
13 KB 116ms
115ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/slrclub_best_article_573519_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b467846e78517fc1aedd42f548af09351ff458a853763145d4de7a725af47b4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25610
alt-svc: h3=":443"; ma=86400
content-length: 13230
last-modified: Tue, 14 May 2024 09:30:20 GMT
server: cloudflare
etag: "66432f2c-33ae"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOROrWWoJ9rStZRHiyZQ3ZrkG5Pkf8g3lVERup3CFIb3g%2FK81xcVGPjEGZpuTPrlnlGi59ix%2F2gbivmuNcIYO%2BOCkrLhWdOOmkn649zDwD6vdxStjW9UY2UC0zcQVtzx"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca90bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 09:58:31 GMT

GET
H3 200 fmkorea_best_7029914655_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 30 KB
31 KB 145ms
144ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/fmkorea_best_7029914655_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65969925fbe2c102a64f4adb8826b9736bae7f13816512e876102fc0a98fbf0e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21964
alt-svc: h3=":443"; ma=86400
content-length: 30716
last-modified: Tue, 14 May 2024 09:17:23 GMT
server: cloudflare
etag: "66432c23-77fc"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Pb4fqsoWfoofwxHdD5Psbt58BFQBcJ2oHyhEMQKSQZWcENiJy968%2F1DiRyzJJo%2Bz4whiFAEVN%2Bv76p0ldTTv0L4I0N%2FyhEd0WVtsiV3MSJ54lJMdcgJQf44KxXH1H%2Bq"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c7905ca97bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 10:59:17 GMT

GET
H3 200 ppomppu_freeboard_8795087_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 18 KB
18 KB 89ms
89ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/ppomppu_freeboard_8795087_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af37a98c0f6a54bf07a2d252c60d49646742f3cf185b71a0049b2566defcbd6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2875
alt-svc: h3=":443"; ma=86400
content-length: 18408
last-modified: Tue, 14 May 2024 08:30:23 GMT
server: cloudflare
etag: "6643211f-47e8"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPbuksHY29J6Uu%2F2TdcXCXL2tZAKPHM1CHohdiQZaMRWzhdSkb6oARavyznaeTt5VDPVGF6mC4LqgLUKhxuwMALqdXbreT5RMWNBd35Z1N76h1F8umHk1RjeR%2BfhzhG9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c79063b04bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:17:26 GMT

GET
H3 200 dogdrip_557099591_thumbnail.webp
image.bada.io/files/thumbnail/2024/05/14/ 22 KB
23 KB 90ms
90ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bada.io/files/thumbnail/2024/05/14/dogdrip_557099591_thumbnail.webp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c954d7398e5ae99e94640cc323a61ff1392f6f1e792892c3770578965ce46c4b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2865
alt-svc: h3=":443"; ma=86400
content-length: 22564
last-modified: Tue, 14 May 2024 08:20:51 GMT
server: cloudflare
etag: "66431ee3-5824"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j26K1JAf0GPM9%2BdL3xnzwnY8aF3BeF0DHhuDXhKzr8wxV%2FKy1ZnGx55dPi962zf6RV3Wub%2B4bposSdmkrEPUkJv6qGn0bdSYUM7i%2B9FrP3exHkZRgPKhysbQeNON38vQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 883c79063b07bb61-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Tue, 21 May 2024 16:17:36 GMT

GET
H3 200 bada_icon_font.ttf
3rd.bada.io/assets/fonts/ 2 KB
2 KB 575ms
573ms Font
application/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/fonts/bada_icon_font.ttf
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/assets/css/custom_menu.css?v=1.2.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db6bc53980a7ef455a732c97f73fd0749b2804512d8b7d5b5b95b95b3f715f8f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/assets/css/custom_menu.css?v=1.2.4
Origin: https://3rd.bada.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c170e50-6ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oy2oFxl1gpZB8f1Vcs2qIH6QpEVoUV%2F42JDFtvdhRXm8gB1T2oTjelTppOZUxwMTZiu4mfzNxXL2ALx2nwvu5wp9%2B1IXTjoPQ3SOO86bDM6c6bnOZIHAhgTCwFWcrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 883c7905ca62bb61-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1708

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 128ms
73ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://3rd.bada.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 444869
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d150b5aea20f66055e3dc351981e3569
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 883c79062b5d34c8-WAW
cdn-requestpullsuccess: True

GET
H3 200 icomoon.woff
3rd.bada.io/assets/fonts/ 9 KB
9 KB 599ms
598ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/assets/fonts/icomoon.woff?hu5l71
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/assets/css/custom-icon-set.css?v=1.2.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e45d113e473976e3332e67478b46e28e96e4f787fcf03a134fa5da1878d67be

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/assets/css/custom-icon-set.css?v=1.2.4
Origin: https://3rd.bada.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8892
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: "5c170e50-22bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4z%2FgI9rlJagjuxtMtNescrU4olMJk%2B0MTLvHWy%2Fa5D5q6SVBlT0hY7el1d3ckxSFixvqmdnjkeal5R58liWgEHBEW7wwySVpL5mMAhPfxCVmWgiahxStgA0jnRPTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 883c7905ca6bbb61-FRA
expires: Tue, 21 May 2024 17:05:23 GMT

GET
H3 200 lightbox-loader.gif
3rd.bada.io/assets/img/ 432 B
954 B 61ms
60ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3rd.bada.io/assets/img/lightbox-loader.gif
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226b36940b98dd33646011460508a802661aaa8e43cd5150a905d5acc3ba45fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71751
alt-svc: h3=":443"; ma=86400
content-length: 432
pragma: public
last-modified: Mon, 17 Dec 2018 02:47:44 GMT
server: cloudflare
etag: "5c170e50-1b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUErdnMaqzOl3H1ep%2FUXwxtIPz85w8XtCyw8cvN7wNQd%2BShg3gL4cE3d8MFkFVArFEF8f76v5aqgWtnHnsr1nnAAMMvyVuOEBLwk1L2S5QZTQ3SejZxHMyrbuNRIIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 883c790589d8bb61-FRA
expires: Mon, 20 May 2024 21:09:31 GMT

GET
H3

200

main.js Show response
3rd.bada.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 8636
Redirect Chain

https://3rd.bada.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://3rd.bada.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

8 KB
4 KB

81ms
81ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3rd.bada.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653e0358c3f99904283f2b9013b2cc50f4cf52601f4de175fe25fe4b95f11b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9u0OjImpixAr9PpT7wk7QMHeMYAuyneViHmIlWEleaN2Sessa%2FyZnOUKSJTFIh10SNXDEffco7TvV2Cxpqf69RykzSwomV9mAtTcTsDQKr93s5Dy9aN8013h%2FkekQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 883c79064b1dbb61-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 14 May 2024 17:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YkPRY5I9vfp0CiVc5NYBiGSqvo2QqrPTT9yzW9J1KjHU9iBadg0tEA55Ct%2F8aELy2NLJNJbYY6GwBsvpcCa2k0m2u6%2BiMVQ08dOELhfcsJWT85%2FeuQgSUzNNX0Cpdw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 883c7905ca5bbb61-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
92 KB 68ms
68ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7J7NEE5NDW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2YFQR27YKW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06c2f446eb000d49807d26acbe1aae6d2fbdc59f7933080a2ee6bd2a12252b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 17:05:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
100 KB 74ms
73ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2WYZ67W68W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2YFQR27YKW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

504f19d634ba38a8e2384e88e976ae0777a642ad8c605d932597a077f6b930de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 17:05:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
100 KB 103ms
103ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NVL7K8CP2B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2YFQR27YKW

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fe8537328162a12b9197d2ef6b384279988c2b3f74bd8c266bd5228afc5a713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102310
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 17:05:22 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 139ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2YFQR27YKW&gtm=45je45d0v886097189za200&_p=1715706322716&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1506748181.1715706323&ecid=201781334&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1715706322&sct=1&seg=0&dl=https%3A%2F%2F3rd.bada.io%2F&dr=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1213
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2YFQR27YKW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 147ms
49ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2YFQR27YKW&cid=1506748181.1715706323&gtm=45je45d0v886097189za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2YFQR27YKW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 111ms
63ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2YFQR27YKW&cid=1506748181.1715706323&gtm=45je45d0v886097189za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1515427615

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-54-230-228-76.muc50.r.cloudfront.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7587FF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 May 2024 15:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5059
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 14 May 2024 17:41:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 119ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 3rd.bada.tv
URL: https://3rd.bada.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 May 2024 17:05:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: zpb0AebEhxnwiWINVcD1A7RTCGQPh5DLTNhHwn0RgqM7FZ5Dql4KNCOlvKPsSTk4VOMmWbwz4bmgDddV8fehzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pageos.js Show response
cdn.intergient.com/pageos/1.10.44/ 399 B
777 B 39ms
39ms Script
text/javascript 2600:9000:2250:f600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.44/pageos.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ab32a26c83ce0dc44fdb771e2c17993734a11d4ea90159856ce04bde80635b4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:29:07 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2024 14:27:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 34576
etag: "8e684d05236a8f79adda050cdf35bdde"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 399
x-amz-cf-id: 3y0W9U11jpeOvHQiN7A3ZBAcdo5x3fWCS2UL-QUIRAnjYDl89o5l2w==

GET
H2 200 modules.e5979922753cf3b8b069.js Show response
script.hotjar.com/ 222 KB
55 KB 122ms
44ms Script
application/javascript 54.230.228.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e5979922753cf3b8b069.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3685459.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0c9367da8b34432f76a9ff9f347fc20129239f9a6b137bed9a830d02f501e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fdac4411ecb7b0a694eea0076a271eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 12496
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55998
last-modified: Tue, 14 May 2024 13:36:29 GMT
etag: "dabac5cc8e90131b43632bc82895bb8e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zRmtZcfuOIPjg5xcWadVZJGQRi93UyvIUiDvhgwW0f0N4jqRAt70pg==

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 223ms
45ms Script
text/javascript 2600:9000:266e:3e00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:3e00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 3c79956b099800a1dfab278539eca69e6d342d23cb84da7ae64e2892073d1374

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 05:50:48 GMT
content-encoding: gzip
via: 1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P8
age: 40475
etag: "bfd8-VZThowlA5aiyrkldSeXRxL5PQnE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18494
x-amz-cf-id: S0jk67f0HrTodHzTKxrY2ttTskbflL6z4CmhpHXFJpY4P_I2ms-hUw==
expires: Tue, 14 May 2024 17:50:48 GMT

GET
H3 200 / Show response
3rd.bada.io/bada/ajaxIF/insertVisitLogs/ 4 B
521 B 324ms
324ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/bada/ajaxIF/insertVisitLogs/?csrf_token_bada_2015=&blocked=3
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/assets/js/jquery-1.10.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a69b1b4265da07b57a2f10fabb78494a986e5c6d048e4bab322d04615916826e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://3rd.bada.io/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 14 May 2024 17:05:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCMIxOwIC9sl0WyRY9rfoPMpRyjE%2FmlBh%2B4%2BraPPRuuMlXngyGyAI%2FYv9EGp%2FRBRtY%2BGyXhMStuUawCvWWUoQpRThFS27yjcjE5XnR0nbtyteN0U3mAajfT2NfP%2BbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: pre-check=0, post-check=0, max-age=0
cf-ray: 883c79064b21bb61-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 245 KB
80 KB 257ms
83ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAnV2TKji-DKnLVmtPH7IAV76P7d_ifhzQ&v=3.exp&language=en&region=us&libraries=places&callback=initializeLoc

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

51ed2d39fd5f1a39ebdfa477deba340db7f8611f5c24ee9b170bcb873531ff36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81743
x-xss-protection: 0

GET
H2 200 runtime.07f3ca608909275e875c.js Show response
cdn.intergient.com/pageos/1.10.44/ 3 KB
2 KB 43ms
41ms Script
text/javascript 2600:9000:2250:f600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.44/runtime.07f3ca608909275e875c.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fca79545021d2989e3d59dd9457c456b774d819cceb685e42a6e537ac9e29ea5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:28:45 GMT
content-encoding: br
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2024 14:27:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 34597
etag: W/"da0d0cf8bf6ff56f10090d293d2c6aad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: wIALEEaWFJu8N-uAkyduWcSiNgYObngvRYHqBhtg0YNhnzMn9gr-Zw==

GET
H2 200 main.540a1fd973152b4549c7.js Show response
cdn.intergient.com/pageos/1.10.44/ 192 KB
57 KB 50ms
49ms Script
text/javascript 2600:9000:2250:f600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfa388e15074912a29f1c94379b429b2f5f35f1cb2ce69ef283924bfe4808d31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:28:46 GMT
content-encoding: br
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2024 14:27:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 34597
etag: W/"ccf2278713414d6d1c9ecd1284863087"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Ze67PT_BHoy56EWvVFGTbSSQcf_dSviUS8gQ_gPcX44D2Jafatn0uw==

POST
H3 200 883c78ffe947bb61 Show response
3rd.bada.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8636 0
587 B 79ms
78ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/cdn-cgi/challenge-platform/h/g/jsd/r/883c78ffe947bb61
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95fYItgx184iVrT6kDb7Cn3k27VMgbBHq%2F%2BKtFRgw56ja5%2BhM29wg%2Bg5HHOeraUuogKZCncNw3dXLj8A%2FT4c%2FuR6a8707L%2BieoGpczpsjfEH24Q67WzNs0ias0Td9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 883c79079d61bb61-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 videoCard.5ed8eb34c11835040def.js Show response
cdn.intergient.com/pageos/1.10.44/ 559 B
937 B 40ms
40ms Script
text/javascript 2600:9000:2250:f600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.44/videoCard.5ed8eb34c11835040def.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/runtime.07f3ca608909275e875c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:28:46 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2024 14:27:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 34598
etag: "6880c1609e3243c11c7b4f1285e14d89"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 559
x-amz-cf-id: jwN3POqovjDtaaZ1E53j0hO8xxMjE0LCob-okJ0kZl5TdU79sihLRg==

GET
H2 200 iframe.html
cdn.intergient.com/pageos/1.10.44/iframe/ Frame 6029 0
0 122ms
40ms Document
text/html 2600:9000:2250:fa00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.44/iframe/iframe.html
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fa00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://3rd.bada.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 34576
cache-control: public, max-age=31536000
content-length: 498
content-type: text/html
date: Tue, 14 May 2024 07:29:08 GMT
etag: "3f502424ce5bd411fe4d6149ffb9a39b"
last-modified: Fri, 10 May 2024 14:27:17 GMT
server: AmazonS3
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-id: LIwEtCPUXaA7etqifUgZogWyGBlRjEpNO-hZW0_oX1YD5InktXaMWA==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 batchHandler.4c3be6daddfefd896cd2.js Show response
cdn.intergient.com/pageos/1.10.44/ 4 KB
2 KB 41ms
40ms Script
text/javascript 2600:9000:2250:f600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.44/batchHandler.4c3be6daddfefd896cd2.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/runtime.07f3ca608909275e875c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebcda6faea34bc0d04dd1f2383167341a863f8b80e01c8eb33b98b95f18c16f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:28:46 GMT
content-encoding: br
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2024 14:27:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 34598
etag: W/"8c8496f6d16c2b01d0402bd95af903dc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: iMY48oR1ZIBm0h0aaY92rlAiCc8FwSPDj1QT_SL8bJGIx0FGG8GmOA==

GET
H2 404 banner.json Show response
config.playwire.com/1024408/v2/websites/73055/ 0
758 B 284ms
173ms XHR
text/plain 2600:9000:223c:de00:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1024408/v2/websites/73055/banner.json
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:de00:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
via: 1.1 vegur, 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: FRA56-P2
x-cache: Error from cloudfront
content-length: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1715706323&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=raRaKLZIp6ocf8cECXJrr3mujHix1h6WfFPMf0iUPyk%3D
server: Cowboy
access-control-max-age: 7200
access-control-allow-methods: GET
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715706323&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=raRaKLZIp6ocf8cECXJrr3mujHix1h6WfFPMf0iUPyk%3D"}]}
access-control-allow-origin: *
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
x-amz-cf-id: AGjWQQmeLxvrLkjRgCvWclWgG271-HrPY0RY6aUJ9U1yBaDmDKNZYg==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 114 KB
43 KB 131ms
47ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/playwireprebidheader597261727146/moatheader.js

Requested by

Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 May 2024 17:05:23 GMT
content-md5: cjVIG7ARlfXfN5VfA9ykBA==
storage-tier: Standard
content-length: 43167
opc-meta-btime: 2024-04-22T05:23:36Z
opc-meta-mtime: 1713763416
last-modified: Mon, 22 Apr 2024 21:18:38 GMT
opc-request-id: iad-1:FJ8IsGdkeWXnNP9EdwQuyJ-e9H23xQgZl6fqxSDpfxJL1lFaSB4pqPIl8UQ7rszL
x-api-id: native
etag: 8a97064e-7cbc-429e-85f5-49f78753ed29
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 404e9696-0589-4a6d-8258-efd500705153
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=12173
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 151ms
54ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 14 May 2024 17:05:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7J7NEE5NDW&gtm=45je45d0v887830944za200&_p=1715706322716&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1506748181.1715706323&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715706323&sct=1&seg=0&dl=https%3A%2F%2F3rd.bada.io%2F&dr=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7J7NEE5NDW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2WYZ67W68W&gtm=45je45d0v9122551882za200&_p=1715706322716&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1506748181.1715706323&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715706323&sct=1&seg=0&dl=https%3A%2F%2F3rd.bada.io%2F&dr=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1569
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WYZ67W68W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 50ms
50ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2WYZ67W68W&cid=1506748181.1715706323&gtm=45je45d0v9122551882za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WYZ67W68W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
65ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2WYZ67W68W&cid=1506748181.1715706323&gtm=45je45d0v9122551882za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1400820670

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NVL7K8CP2B&gtm=45je45d0v9122553399za200&_p=1715706322716&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1506748181.1715706323&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715706323&sct=1&seg=0&dl=https%3A%2F%2F3rd.bada.io%2F&dr=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1601
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NVL7K8CP2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 48ms
47ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NVL7K8CP2B&cid=1506748181.1715706323&gtm=45je45d0v9122553399za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NVL7K8CP2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 65ms
64ms Image
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&cv=1&rv=45d0&tc=16&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&mtd=__e0&mec=__e2&z=0

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 162ms
161ms Image
image/gif 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&dl=3rd.bada.io%2F&tdp=G-NVL7K8CP2B;122553399;0;2;0&frm=0&rtg=86097189&rlo=23&slo=11&z=0
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 66ms
66ms Image
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&cv=1&rv=45d0&tc=16&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&mec=__e4&z=0

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 67ms
66ms Image
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&cv=1&rv=45d0&tc=16&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&tr=1gct&ti=1gct&mec=__e6&z=0

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 68ms
67ms Image
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&cv=1&rv=45d0&tc=16&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&mec=__e6&z=0

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 84ms
83ms Image
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&cv=1&rv=45d0&tc=16&es=1&e=gtag.config&eid=8&u=AAAAAAAAAAAAAAAAAAAAAABA&h=Ag&mec=__e6&z=0

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 69ms
68ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NVL7K8CP2B&cid=1506748181.1715706323&gtm=45je45d0v9122553399za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=706811910

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
219 B 50ms
49ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=391267300&t=pageview&_s=1&dl=https%3A%2F%2F3rd.bada.io%2F&dr=https%3A%2F%2F3rd.bada.tv%2F&ul=de-de&de=UTF-8&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=646598394&gjid=375892815&cid=1506748181.1715706323&tid=UA-2556552-9&_gid=1151698614.1715706323&_r=1&_slc=1&gtm=45He45d0n81W7587FFza200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1654749712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a79f53a5babfcb225f52c268024415bfcf07344e6509ae8ed83dcbb9260da919

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 3685459 Show response
vc.hotjar.io/sessions/ 0
232 B 159ms
72ms XHR
text/plain 54.230.228.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3685459?s=0.25&r=0.09845985525600942
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e5979922753cf3b8b069.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-119.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 14 May 2024 17:05:23 GMT
cache-control: no-store
via: 1.1 7b7e33ce27dedf9c28b39ecc0309b556.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
x-amz-cf-id: iReiZ_7Cgivj237jhLQSCkZ9lfm2s2eEvw3WKyDumZc96n3TTBuJ8g==
x-cache: Miss from cloudfront

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 382ms
131ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2F3rd.bada.io%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=63271095980595251178872687616952038165301090260415596179701113691128&nc=0&tsf=0&tsfmi=&pv=0&cb=1715706323707&ref=https%3A%2F%2F3rd.bada.tv%2F&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2115704966&at=&bid=e30%3D&di=W1siZWYiLDEwNzFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NzAsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjo0MjYy%0D%0AMDc0NTkzLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCI4MSxlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BFc1JFRVRw%0D%0Ab1ZkRlZCUVFwUmNSQkZTS0lJZ2lSSXIwS2hKUnFwU0F0Q0FrUUhwSXp5YmJYcG1aci81L2Q5NmJ6%0D%0AY3VTQVBKL0d0Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYt%0D%0Admlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIs%0D%0AXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCItIl0sWy03%0D%0ALCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwi%0D%0AOltcImRlc2NyaXB0aW9uXCIsXCJrZXl3b3Jkc1wiLFwib2c6dGl0bGVcIixcInR3aXR0ZXI6dGl0%0D%0AbGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwi%0D%0Ae1wib1wiOjAuMDE4MDcyMjg5MTU2NjI2NTA1fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywi%0D%0AMTciXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMTE3MCwxNTcwLDExNzAsMTU3MCwwLDAsMSwy%0D%0ANCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAs%0D%0AMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNTA2NzQ4MTgxLjE3MTU3MDYzMjMiXSxbLTIxLCJlSkhx%0D%0AcWszbiJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCIt%0D%0AIl0sWy0yNiwie1widGpoc1wiOjI3MjkxMDAzLFwidWpoc1wiOjIwMzMwMjU5LFwiamhzbFwiOjQy%0D%0AOTQ3MDUxNTJ9Il0sWy0yNywiWzEwMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVu%0D%0AIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDAsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0i%0D%0AXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0z%0D%0ANCwiLSJdLFstMzUsIlsxNzE1NzA2MzIzNTY1LC0yXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJd%0D%0AIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwyLDAsMCwwLDE5LDIxOSw4NzAs%0D%0AMzksMCwxMDUwLjksMTE4OS43LDE5MTgsMTkxOSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdl%0D%0AY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVs%0D%0AbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFst%0D%0ANDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQs%0D%0AIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZGUtREUs%0D%0AbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsMzA5XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A55%2C%22y%22%3A147%2C%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=n2MWGgcPUp&sdd=%7B%7D&pto=2062
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 102d3fb45091060d333bcac670c4e1f6ceff4fa6d3b7f429bcab6c5cef290aff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 14 May 2024 17:05:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1567
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1969197600059401 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 173ms
172ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1969197600059401?v=2.9.156&r=stable&domain=3rd.bada.io&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53f6e131e744e30b81a5ea57d5823c7b2353c359977adaab1cd8768163bea588

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 May 2024 17:05:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=64, mss=1294, tbw=63332, tp=-1, tpl=-1, uplat=132, ullat=0
pragma: public
x-fb-debug: pJItpzfebwGE6gAIIKEWutHKCRtinOFMCmVzf2OgN7uCsPBQhcZEnSjWxO8tlL7FppMMmqHjXKTacnmPavz6Yw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 49ms
49ms XHR
text/plain 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556552-9&cid=1506748181.1715706323&jid=646598394&gjid=375892815&_gid=1151698614.1715706323&npa=1&_u=YADAAAAAAAAAAC~&z=209246585

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 May 2024 17:05:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 66ms
66ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64TNV9EYRT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0f51072d6f95219ef5d27a79fc1461edad8d8802f89a2ad5b8754a230014c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 17:05:23 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 463ms
117ms XHR
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1715706323733&sessionId=b0ca952b-545d-cee7-e1a5-0da3ca0d1bf5&url=3rd.bada.io&cheqSource=1&cheqEvent=0&exitReason=3

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 14 May 2024 17:05:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: c3096b065659ec7217704ac623f056e8
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
6 KB 444ms
349ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=http%3A%2F%2F3rd.bada.io%2F&idx=0&rand=76463&widgetJSId=AR_3&va=true&et=true&format=html&clid=b0ca952b-545d-cee7-e1a5-0da3ca0d1bf5&fdu=3rd.bada.io&px=55&py=147&vpd=0&cw=300&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010784&sig=eJHqqk3n&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ref=https%3A%2F%2F3rd.bada.tv%2F&ogn=https%3A%2F%2F3rd.bada.io%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a433d43cff4970006d3c7312d1df1930dbf2bec3659a218c7fc081a112cf170c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 May 2024 17:05:24 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1715706324.864477,VS0,VE309
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: b788b30622d55c2f0b9c2f1f23b52647
accept-ranges: bytes
content-length: 5798
x-served-by: cache-lga21939-LGA, cache-fra-eddf8230099-FRA

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 186ms
58ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAnV2TKji-DKnLVmtPH7IAV76P7d_ifhzQ&v=3.exp&language=en&region=us&libraries=places&callback=initializeLoc

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://3rd.bada.io
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/ 256 KB
56 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAnV2TKji-DKnLVmtPH7IAV76P7d_ifhzQ&v=3.exp&language=en&region=us&libraries=places&callback=initializeLoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fcf5ff3a417317894caf4b6686f8bd4b586473d4e424909bccddf92df5187bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57215
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:08:00 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/ 182 KB
56 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAnV2TKji-DKnLVmtPH7IAV76P7d_ifhzQ&v=3.exp&language=en&region=us&libraries=places&callback=initializeLoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b16f3736481c5ae603ecc80c97ef9087635a6d6e5fcc47c1a065cdd5da7bee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 10:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57149
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 10:31:37 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/ 93 KB
24 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAnV2TKji-DKnLVmtPH7IAV76P7d_ifhzQ&v=3.exp&language=en&region=us&libraries=places&callback=initializeLoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc8b0d60a3b124ba0df1b077d13fa8b67cf26fad374f0143ba6ba36e69d4283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24953
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:02:40 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/ 43 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAnV2TKji-DKnLVmtPH7IAV76P7d_ifhzQ&v=3.exp&language=en&region=us&libraries=places&callback=initializeLoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6124405703e093198fd7f87a08d5bf6527819f095047c7ab18fdea5d7ce35e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13222
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:30:08 GMT

GET
H2 200 aws-sdk-kinesis.min.js.br Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
57 KB 44ms
44ms Script
text/javascript 2600:9000:2250:f600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/batchHandler.4c3be6daddfefd896cd2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:17:55 GMT
content-encoding: br
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 19:02:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 36837
etag: "575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 57858
x-amz-cf-id: qOxgKbfJtwsxFgbTmgZSnkjmwZrL2As7Q4fX0TqFQHRuYDUtZtMtRQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 143ms
64ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556552-9&cid=1506748181.1715706323&jid=646598394&npa=1&_u=YADAAAAAAAAAAC~&z=1216073892

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
63ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556552-9&cid=1506748181.1715706323&jid=646598394&npa=1&_u=YADAAAAAAAAAAC~&z=1216073892

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 887 B
1 KB 330ms
175ms Script
text/html 132.226.214.62
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M2f%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-py0NafZqZuE7EwdRRX8kBXBUoBjvo%2Fq5911ZGOf1A%2FUbT1799f26WWsjQm8Nsq1KV0Y%3D&rs=1-IUrPtvcVxBSdPA%3D%3D&sc=1&os=1-%2BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=(%7CyCmZLjoK&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2F3rd.bada.io%2F&pcode=playwireprebidheader597261727146&rx=866584754331&callback=MoatNadoAllJsonpRequest_84255169
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 1c15fdc7c3bf19e9fdc58dd7460722b82d46697cc03f0456c23343f1a60751c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:24 GMT
server: istio-envoy
etag: "0bf9acbdb17abfac6a7184eb0b129303e8bb93d9"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 119
timing-allow-origin: *
content-length: 887

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 120ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1969197600059401&ev=PageView&dl=https%3A%2F%2F3rd.bada.io%2F&rl=https%3A%2F%2F3rd.bada.tv%2F&if=false&ts=1715706324042&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4158&fbp=fb.1.1715706324041.1491446312&ler=other&cdl=API_unavailable&it=1715706323723&coo=false&rqm=GET

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 May 2024 17:05:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 50ms
49ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-64TNV9EYRT&gtm=45je45d0v9122550739za200&_p=1715706322716&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1506748181.1715706323&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F3rd.bada.io%2F&dr=https%3A%2F%2F3rd.bada.tv%2F&dt=bada%20-%20%ED%95%B4%EC%99%B8%20%EA%B1%B0%EC%A3%BC%20%ED%95%9C%EC%9D%B8%20%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EB%B0%94%EB%8B%A4&sid=1715706324&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2413
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64TNV9EYRT&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 17:05:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3rd.bada.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 143ms
51ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:24 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 14 May 2024 17:05:24 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 144ms
52ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:24 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 14 May 2024 17:05:24 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 209ms
115ms XHR
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1715706324107&sessionId=b0ca952b-545d-cee7-e1a5-0da3ca0d1bf5&url=3rd.bada.io&cheqSource=1&cheqEvent=2&responseTime=1210

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 14 May 2024 17:05:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8c2809c1aa63414873cf4b1233f3cadd
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 120ms
120ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00126bebc035ec4488999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60635f578aee5d5eb474fbd408dbd39e821da61c45085052aae2d05f91e46042ccc5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82e1c08f77f6fb6900407bf8eaa36d619fa45b59a1bc45dd7dd3d9179279c8b218e6dc183baa18becea1d2aa427b1edaf7a0332be8765c4b543b1144204d70c4899c294dfcafac568880cfbaf96a856c95a3460de2e28c092c514248ae974ad05b3c91dc670ae2a111f019b6ced5fdf93ae7ef8c978d00ce9cf849b369e5f086dfe58171f75443387e223b2429494d46ae58e62fe8121d6c2b1a52fdde3a91f7670c8b1671f89e55a1459a6beb37aad3a9ae840ecfc33b174a32d9651d208d4ab35db0726e7aa8e7b393f611f37085a17b6e08c6cd202ab444e4329fba84edf98180ae2b9dfbabc6bdeece4fc86f0b3f04b4f3ffb5b87b6596d825f641bd7605f6d6df67bab7005c3ebc1678d7cd6258bae2ca0a41fca69053354776e0f8e92f6d13d6747df49579fd7c5a9f39f1143cbf2ce22d3913722868500362dbbd48c4a33f46797559f57&cb=1715706324107&cri=n2MWGgcPUp
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 14 May 2024 17:05:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 4 KB
4 KB 47ms
46ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 13 Jun 2024 17:05:24 GMT
date: Tue, 14 May 2024 17:05:24 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "1415406c6886077dae89bf474cd6c146:1708851051.235098"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4128
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 45ms
45ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: 3rd.bada.io
URL: https://3rd.bada.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 13 Jun 2024 17:05:24 GMT
date: Tue, 14 May 2024 17:05:24 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 474ms
116ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=dfc8d6105c2b74c6b8602b9bb81bdb49_55382_1715706324120_1&tm=1438&eT=0&widgetWidth=300&widgetHeight=250&widgetX=55&widgetY=147&wRV=2010784&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=450&oo=true&lo=1086&obreq=949&mvreq=2103&mvres=2553&cet=4g&to=1715706321647&ll=0&chs=1&ab=0&wl=0&retries=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 17:05:24 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: ca3a52742445c62d7ad3588218ecb731
Content-Length: 6

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 4 KB
2 KB 389ms
389ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=http%3A%2F%2F3rd.bada.io%2F&idx=1&rand=39413&widgetJSId=AR_3&va=true&et=true&format=html&t=OTY1YzAxODhhYTBjNzAyNWRlYzNjNzI3ZjQ1ZTUxMWM=&clss=lnkhouc%2Bbt2ZC6npn42AEFIqctGxnv6itNCA6V7MikV%2FLGK56uKwfkZj%2BXZizLPtwHg8%2BgbAoaQAq0G%2Bv5dgjA%3D%3D&px=395&py=147&vpd=0&cw=300&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010784&sig=eJHqqk3n&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ref=https%3A%2F%2F3rd.bada.tv%2F&ogn=https%3A%2F%2F3rd.bada.io%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57d198a63725cc0f8cc1738e6f324b57194f4277d90144ca7069715bfef9d31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 May 2024 17:05:24 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1715706324.237231,VS0,VE342
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: bbc4321513fd0605b74b0648b122f332
accept-ranges: bytes
content-length: 1978
x-served-by: cache-lga21962-LGA, cache-fra-eddf8230099-FRA

GET
H2 200 eyJpdSI6ImU5ZDIzYWZhZDYzOGQ3M2E0NDkzOTA4OTE2YjI5YjdmN2MyZDZjMGYyYmIyNTg2Y2JkMzBiNDY1ZThmYWEyODYiLCJ3IjozMDAsImgiOjI1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 13 KB
14 KB 187ms
40ms Image
image/webp 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU5ZDIzYWZhZDYzOGQ3M2E0NDkzOTA4OTE2YjI5YjdmN2MyZDZjMGYyYmIyNTg2Y2JkMzBiNDY1ZThmYWEyODYiLCJ3IjozMDAsImgiOjI1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

3caf81d4cd2262c5831eb4ed3699b519e0321e79364195fad031a6e91b1f002b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 May 2024 17:05:24 GMT
last-modified: Fri, 10 May 2024 05:42:08 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2355809
access-control-allow-credentials: false
x-traceid: ba01caf47f12831867c0b8062aee39ce
timing-allow-origin: *, *
content-length: 13640

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 61ms
60ms Image
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&cv=1&rv=45d0&tc=16&es=1&e=*&eid=31&u=AgAAAAAAAAAAACAAAAAAAABA&h=Ag&mec=__e8&z=0

Requested by

Host: 3rd.bada.io
URL: https://3rd.bada.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:24 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 0
271 B 117ms
116ms Fetch 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=119ea786ee55a7b4eb38dadb092b8c4e&pvId=965c0188aa0c7025dec3c727f45e511c&sid=7893771&pid=55382&idx=1&wId=110&pad=0&org=0&tm=1836&eT=0&cnsnt=no_consent&widgetWidth=300&widgetHeight=250&widgetX=395&widgetY=147&wRV=2010784&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=393&oo=true&lo=1086&obreq=949&mvreq=2562&mvres=2954&cet=4g&to=1715706321647&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
Date: Tue, 14 May 2024 17:05:24 GMT
access-control-expose-headers: content-range
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 163bb3f0d65d6572612a387cf38a518f
Content-Length: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 4 KB
2 KB 162ms
162ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=http%3A%2F%2F3rd.bada.io%2F&idx=2&rand=43425&widgetJSId=AR_3&va=true&et=true&format=html&t=OTY1YzAxODhhYTBjNzAyNWRlYzNjNzI3ZjQ1ZTUxMWM=&clss=lnkhouc%2Bbt2ZC6npn42AEFIqctGxnv6itNCA6V7MikV%2FLGK56uKwfkZj%2BXZizLPtwHg8%2BgbAoaQAq0G%2Bv5dgjA%3D%3D&px=890&py=462&vpd=0&cw=160&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010784&sig=eJHqqk3n&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ref=https%3A%2F%2F3rd.bada.tv%2F&ogn=https%3A%2F%2F3rd.bada.io%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9cb83b1cd2c934c5b06fa8cd48e7cc1a5d73b762e6808127e55cc2b5b352dd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 May 2024 17:05:24 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1715706325.623529,VS0,VE122
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: 37cab1854cb42d496f174fc8c5cad2e5
accept-ranges: bytes
content-length: 1975
x-served-by: cache-lga21969-LGA, cache-fra-eddf8230099-FRA

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 0
271 B 116ms
114ms Fetch 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7d765c94d8925a535b2cf5c1ecb6376e&pvId=965c0188aa0c7025dec3c727f45e511c&sid=7893771&pid=55382&idx=2&wId=110&pad=0&org=0&tm=2174&eT=0&cnsnt=no_consent&widgetWidth=160&widgetHeight=600&widgetX=890&widgetY=462&wRV=2010784&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=336&oo=true&lo=1086&obreq=949&mvreq=2956&mvres=3292&cet=4g&to=1715706321647&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
Date: Tue, 14 May 2024 17:05:24 GMT
access-control-expose-headers: content-range
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 4bfb65af889a70cffa8d7ffd188ec3b2
Content-Length: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 4 KB
2 KB 151ms
150ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=http%3A%2F%2F3rd.bada.io%2F&idx=3&rand=72232&widgetJSId=AR_3&va=true&et=true&format=html&t=OTY1YzAxODhhYTBjNzAyNWRlYzNjNzI3ZjQ1ZTUxMWM=&clss=lnkhouc%2Bbt2ZC6npn42AEFIqctGxnv6itNCA6V7MikV%2FLGK56uKwfkZj%2BXZizLPtwHg8%2BgbAoaQAq0G%2Bv5dgjA%3D%3D&px=1400&py=802&vpd=-398&cw=160&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010784&sig=eJHqqk3n&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ref=https%3A%2F%2F3rd.bada.tv%2F&ogn=https%3A%2F%2F3rd.bada.io%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62de1ee9fdf439c91f3bc8bd8763e8b5ede0f0e409ed4b1b640b8e1ebbce8094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 May 2024 17:05:25 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1715706325.963368,VS0,VE111
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: f11d30e7df1b80f1b7ac13f9829d8b01
accept-ranges: bytes
content-length: 1973
x-served-by: cache-lga21940-LGA, cache-fra-eddf8230099-FRA

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 0
271 B 117ms
117ms Fetch 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=180b0e8e29e9a9597cff0577d90914fd&pvId=965c0188aa0c7025dec3c727f45e511c&sid=7893771&pid=55382&idx=3&wId=110&pad=0&org=0&tm=2330&eT=0&cnsnt=no_consent&widgetWidth=160&widgetHeight=600&widgetX=1400&widgetY=802&wRV=2010784&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=154&oo=true&lo=1086&obreq=949&mvreq=3295&mvres=3448&cet=4g&to=1715706321647&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
Date: Tue, 14 May 2024 17:05:25 GMT
access-control-expose-headers: content-range
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 93d93eda35a556718a7e96a85df06f3e
Content-Length: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 4 KB
2 KB 153ms
152ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=http%3A%2F%2F3rd.bada.io%2F&idx=4&rand=80070&widgetJSId=AR_3&va=true&et=true&format=html&t=OTY1YzAxODhhYTBjNzAyNWRlYzNjNzI3ZjQ1ZTUxMWM=&clss=lnkhouc%2Bbt2ZC6npn42AEFIqctGxnv6itNCA6V7MikV%2FLGK56uKwfkZj%2BXZizLPtwHg8%2BgbAoaQAq0G%2Bv5dgjA%3D%3D&px=395&py=1507&vpd=307&cw=300&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010784&sig=eJHqqk3n&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ref=https%3A%2F%2F3rd.bada.tv%2F&ogn=https%3A%2F%2F3rd.bada.io%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9dea71c16d2619e9563952012f3cd90826c15c9b55d2b831b856eec243f6d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 May 2024 17:05:25 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1715706325.117004,VS0,VE113
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: ad2d268458be5a3a53fdb13b4050e8d5
accept-ranges: bytes
content-length: 1972
x-served-by: cache-lga21921-LGA, cache-fra-eddf8230099-FRA

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 0
271 B 115ms
114ms Fetch 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=e85a12530f3fddb510811dca9c299783&pvId=965c0188aa0c7025dec3c727f45e511c&sid=7893771&pid=55382&idx=4&wId=110&pad=0&org=0&tm=2486&eT=0&cnsnt=no_consent&widgetWidth=300&widgetHeight=250&widgetX=395&widgetY=1507&wRV=2010784&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=155&oo=true&lo=1086&obreq=949&mvreq=3449&mvres=3604&cet=4g&to=1715706321647&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
Date: Tue, 14 May 2024 17:05:25 GMT
access-control-expose-headers: content-range
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: b56d8bfd8c861540f016c141cd380d62
Content-Length: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 4 KB
2 KB 149ms
149ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=http%3A%2F%2F3rd.bada.io%2F&idx=5&rand=99680&widgetJSId=AR_3&va=true&et=true&format=html&t=OTY1YzAxODhhYTBjNzAyNWRlYzNjNzI3ZjQ1ZTUxMWM=&clss=lnkhouc%2Bbt2ZC6npn42AEFIqctGxnv6itNCA6V7MikV%2FLGK56uKwfkZj%2BXZizLPtwHg8%2BgbAoaQAq0G%2Bv5dgjA%3D%3D&px=735&py=1507&vpd=307&cw=300&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&cha=x86&chb=64&chfv=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&chpv=10.0.0&chp=Win32&version=2010784&sig=eJHqqk3n&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ref=https%3A%2F%2F3rd.bada.tv%2F&ogn=https%3A%2F%2F3rd.bada.io%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f05d307757bde555b4075fdffe18f8d34c554be96004573756f4a58b5afa5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 May 2024 17:05:25 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1715706325.271683,VS0,VE110
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: a30bbfda4b21b665b34ae0efaeb7356f
accept-ranges: bytes
content-length: 1970
x-served-by: cache-lga13621-LGA, cache-fra-eddf8230099-FRA

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 0
271 B 115ms
114ms Fetch 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=6d98d30f6382ccd8045b5998137eca9c&pvId=965c0188aa0c7025dec3c727f45e511c&sid=7893771&pid=55382&idx=5&wId=110&pad=0&org=0&tm=2637&eT=0&cnsnt=no_consent&widgetWidth=300&widgetHeight=250&widgetX=735&widgetY=1507&wRV=2010784&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=150&oo=true&lo=1086&obreq=949&mvreq=3605&mvres=3755&cet=4g&to=1715706321647&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
Date: Tue, 14 May 2024 17:05:25 GMT
access-control-expose-headers: content-range
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 07277e1541d458e5b54904df85f2c0d3
Content-Length: 0

GET
H3 200 favicon.ico
3rd.bada.io/ 107 KB
18 KB 56ms
55ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3rd.bada.io/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 621c2a88264ba72702b61b0f618f9853e7a8ca197409297c55a3c39b12990575

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127813
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 15 Oct 2020 02:51:51 GMT
server: cloudflare
etag: W/"5f87b947-1ab55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRZGHBfZGjNCIp5I8d3NWHNO3Wz9iumncDrvdqvM222EBjuMNkGBOxzkg4jrZfcsR5jVmSBgq8MmQ2fVBhZg1wwxJH0c1GdJCc9sUTxAW0Af5CmcddKnoAB4driItA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=604800, must-revalidate, proxy-revalidate
cf-ray: 883c79168df1bb61-FRA
expires: Mon, 20 May 2024 05:35:12 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 60ms
59ms Image
text/html 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NVL7K8CP2B&v=3&t=t&pid=1391657730&cv=1&rv=45d0&tc=16&es=1&e=gtm.load&eid=32&u=AgAAAAAAAAAAACAAAAAAAABA&h=Ag&mec=__e10&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://3rd.bada.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:05:25 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
444 B 466ms
117ms Ping
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/api/loggerBatch/log-viewability

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS