urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei...
Submission: On November 02 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 122 IPs in 18 countries across 122 domains to perform 595 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
37 151.101.1.44 54113 (FASTLY)
1 2 192.96.203.13 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
3 178.250.1.11 44788 (ASN-CRITE...)
2 2a04:4e42:200... 54113 (FASTLY)
3 4 162.210.196.208 30633 (LEASEWEB-...)
6 2a00:1450:400... 15169 (GOOGLE)
23 185.180.223.67 49981 (WORLDSTREAM)
5 2a00:1450:400... 15169 (GOOGLE)
8 23.97.225.52 8075 (MICROSOFT...)
15 185.106.33.48 200478 (TABOOLA-AS)
21 2a00:1450:400... 15169 (GOOGLE)
3 3 23.60.204.187 16625 (AKAMAI-AS)
14 95.101.149.233 16625 (AKAMAI-AS)
6 8 2a05:d018:d29... 16509 (AMAZON-02)
17 52.223.40.198 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
20 63.34.177.0 16509 (AMAZON-02)
12 104.22.68.131 13335 (CLOUDFLAR...)
2 3.78.106.17 16509 (AMAZON-02)
4 26 51.38.120.206 16276 (OVH)
2 34.120.63.153 396982 (GOOGLE-CL...)
5 22 104.18.36.155 13335 (CLOUDFLAR...)
1 6 35.227.252.103 15169 (GOOGLE)
2 18.158.20.252 16509 (AMAZON-02)
3 7 145.40.97.67 54825 (PACKET)
2 178.250.1.8 44788 (ASN-CRITE...)
7 12 37.252.171.53 29990 (ASN-APPNEX)
2 95.101.149.35 16625 (AKAMAI-AS)
1 3 99.80.199.240 16509 (AMAZON-02)
2 69.173.144.137 26667 (RUBICONPR...)
2 2602:803:c003... 26667 (RUBICONPR...)
2 4 2620:116:800d... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 137.74.6.209 16276 (OVH)
15 17 18.159.23.195 16509 (AMAZON-02)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 185.180.220.208 49981 (WORLDSTREAM)
4 185.29.132.241 30419 (MEDIAMATH...)
2 4 69.173.144.165 26667 (RUBICONPR...)
3 3 193.108.153.18 20940 (AKAMAI-ASN1)
15 29 69.173.144.138 26667 (RUBICONPR...)
21 33 172.217.23.98 15169 (GOOGLE)
1 1 81.17.55.123 60781 (LEASEWEB-...)
3 9 35.244.174.68 15169 (GOOGLE)
2 7 209.54.182.161 16509 (AMAZON-02)
10 20 185.64.190.79 62713 (AS-PUBMATIC)
16 22 198.47.127.205 62713 (AS-PUBMATIC)
6 8 3.71.149.231 16509 (AMAZON-02)
3 3 52.212.188.233 16509 (AMAZON-02)
1 2 190.2.153.150 49981 (WORLDSTREAM)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
3 133.186.12.12 10010 (TOKAI TOK...)
9 141.226.228.48 200478 (TABOOLA-AS)
1 167.235.184.171 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 212.8.243.37 49981 (WORLDSTREAM)
2 5 52.95.115.196 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
7 7 52.211.134.127 16509 (AMAZON-02)
2 3 216.52.2.16 30282 (AS-INAPCD...)
2 2 52.71.244.122 14618 (AMAZON-AES)
3 18.195.255.178 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:1f18:24e... 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.17 44788 (ASN-CRITE...)
5 133.186.12.13 10010 (TOKAI TOK...)
2 2a02:26f0:c6:... 20940 (AKAMAI-ASN1)
3 3 52.29.206.161 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
6 7 37.157.6.254 198622 (ADFORM)
5 5 64.202.112.191 23352 (SERVERCEN...)
6 8 185.86.138.151 201081 (SMARTADSE...)
8 2607:f8b0:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
9 178.250.1.3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
1 185.84.60.20 198622 (ADFORM)
10 2a00:1450:400... 15169 (GOOGLE)
3 178.250.1.25 44788 (ASN-CRITE...)
1 2600:1901:0:e... 396982 (GOOGLE-CL...)
3 17 34.98.64.218 396982 (GOOGLE-CL...)
4 6 222.230.178.130 2519 (VECTANT A...)
1 1 222.230.178.32 2519 (VECTANT A...)
1 1 139.162.23.100 63949 (AKAMAI-LI...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 13.32.27.45 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
2 3 76.223.111.18 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 34.255.59.27 16509 (AMAZON-02)
3 23.32.184.192 16625 (AKAMAI-AS)
10 2600:9000:205... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 3.211.73.67 14618 (AMAZON-AES)
4 216.52.2.48 32475 (SINGLEHOP...)
8 8 46.228.174.117 56396 (AMOBEE)
3 3 46.228.164.11 56396 (AMOBEE)
6 6 193.0.160.131 54312 (ROCKETFUEL)
1 1 69.166.1.34 27630 (AS-XFERNET)
3 3 18.210.34.36 14618 (AMAZON-AES)
2 2 8.2.108.175 46636 (NATCOWEB)
1 1 2.23.192.21 16625 (AKAMAI-AS)
7 9 54.173.102.35 14618 (AMAZON-AES)
3 3 37.157.6.233 198622 (ADFORM)
3 4 151.101.66.49 54113 (FASTLY)
1 52.20.87.123 14618 (AMAZON-AES)
4 4 52.6.229.247 14618 (AMAZON-AES)
4 4 13.32.27.28 16509 (AMAZON-02)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 35.208.249.213 15169 (GOOGLE)
3 198.47.127.19 3257 (GTT-BACKB...)
14 52.210.15.1 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
3 3 52.7.163.13 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 124.146.153.162 2514 (INFOSPHER...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 157.90.211.246 24940 (HETZNER-AS)
1 52.213.50.133 16509 (AMAZON-02)
2 2 188.42.34.64 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 178.250.1.7 44788 (ASN-CRITE...)
2 34.160.236.64 396982 (GOOGLE-CL...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 35.214.191.90 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 63.251.232.170 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.161.190 16276 (OVH)
2 2 141.94.170.64 16276 (OVH)
2 3 34.249.63.196 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
3 198.47.127.20 3257 (GTT-BACKB...)
2 2 98.98.134.243 21859 (ZEN-ECN)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 35.205.65.172 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 162.55.120.196 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.171.212 16276 (OVH)
595 122
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
16    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
37    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
pips.taboola.com
2    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    162.210.196.208 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
6    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
3175cde3d0f4452140400cda74adb5b0.safeframe.googlesyndication.com
23    185.180.223.67 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-67.hosted-by-worldstream.net
ad.vidverto.io
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
15    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
21    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    23.60.204.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-204-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
14    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
17    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
20    63.34.177.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
ads.servenobid.com
12    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
2    3.78.106.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-106-17.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
26    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
22    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
6    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    18.158.20.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-20-252.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
12    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
3    99.80.199.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-240.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
17    18.159.23.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-23-195.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidver.to
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
3    193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
29    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
33    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
1    81.17.55.123 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync-global.smartadserver.com
9    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
7    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
20    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
22    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
8    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    52.212.188.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-188-233.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
ad.mox.tv
9    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:2127:3600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
13    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    133.186.12.12 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p012.net133186012.broadline.ne.jp
js.genieessp.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
sync.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    212.8.243.37 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-243-37.hosted-by-worldstream.net
cdn.vidverto.io
5    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    52.211.134.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-134-127.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    216.52.2.16 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    52.71.244.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-244-122.compute-1.amazonaws.com
sync.ipredictive.com
3    18.195.255.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-255-178.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2600:9000:2251:2e00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:1f18:24e6:b900:adb4:94e5:4f5e:5116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    133.186.12.13 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p013.net133186012.broadline.ne.jp
ialaddin.genieesspv.jp
2    2a02:26f0:c6::210:6529 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
3    52.29.206.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-206-161.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
7    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
8    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
8    2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
9    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
10    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    178.250.1.25 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
17    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
genieeintl-d.openx.net
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
6    222.230.178.130 (Hadano, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
cs.gssprt.jp
1    222.230.178.32 (Hadano, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
rt.gsspat.jp
1    139.162.23.100 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li865-100.members.linode.com
g.c.appier.net
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    13.32.27.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-45.fra56.r.cloudfront.net
public.servenobid.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    34.255.59.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-59-27.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
10    2600:9000:2057:bc00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    3.211.73.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-73-67.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
4    216.52.2.48 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
8    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    18.210.34.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-34-36.compute-1.amazonaws.com
ssp.disqus.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    2.23.192.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-192-21.deploy.static.akamaitechnologies.com
hbx.media.net
9    54.173.102.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-102-35.compute-1.amazonaws.com
a.audrte.com
3    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
cm.adform.net
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.20.87.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-87-123.compute-1.amazonaws.com
rtb.adentifi.com
4    52.6.229.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-229-247.compute-1.amazonaws.com
i.liadm.com
4    13.32.27.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net
live.rezync.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
14    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    52.7.163.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-163-13.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
3    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
1    52.213.50.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-50-133.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2a00:1450:400a:8::9 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
rr4---sn-1gieen7e.googlevideo.com
1    178.250.1.7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
2    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    85.114.159.93 (Mössingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.214.191.90 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 90.191.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.161.190 (France)

ASN16276 (OVH, FR)
PTR: bixel-2.cloudy.ovh
green.erne.co
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
3    34.249.63.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-63-196.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
openx2-match.dotomi.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    35.205.65.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.65.205.35.bc.googleusercontent.com
cookiesync.api.bliink.io
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
68 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
438 KB
62 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
15.taboola.com — Cisco Umbrella Rank: 6402
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
vidstat.taboola.com — Cisco Umbrella Rank: 3029
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
sync.taboola.com — Cisco Umbrella Rank: 1322
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
am-wf.taboola.com — Cisco Umbrella Rank: 17326
1 MB
55 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
108 KB
51 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
44 KB
40 googlesyndication.com
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
3175cde3d0f4452140400cda74adb5b0.safeframe.googlesyndication.com
398 KB
28 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
511 KB
26 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
29 KB
23 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
genieeintl-d.openx.net — Cisco Umbrella Rank: 305998
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
22 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
14 KB
21 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
11 KB
19 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
19 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
16 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
6 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
43 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
287 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
112 KB
12 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
9 KB
12 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
18 KB
11 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
adx3.adform.net — Cisco Umbrella Rank: 59130
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
7 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732
ssp-sync.criteo.com — Cisco Umbrella Rank: 1269
24 KB
10 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
5 KB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
9 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
6 KB
9 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
idsync.rlcdn.com — Cisco Umbrella Rank: 415
775 B
9 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
4 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
977 KB
7 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
937 B
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
5 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
6 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 17944
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
3 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
3 KB
5 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
5 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
297 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
openx2-match.dotomi.com — Cisco Umbrella Rank: 4926
1 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
1003 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
12 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
816 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
972 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
1012 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
12 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
1 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
1 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
12 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
322 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
497 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1324
316 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
906 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
961 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42792
302 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
989 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
179 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
440 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
1 bliink.io
cookiesync.api.bliink.io — Cisco Umbrella Rank: 10511
174 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
279 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
282 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
225 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 googlevideo.com
rr4---sn-1gieen7e.googlevideo.com — Cisco Umbrella Rank: 268510
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
2 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
829 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
462 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
373 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17718
244 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
35 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
625 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 appier.net
g.c.appier.net — Cisco Umbrella Rank: 80997
390 B
1 gsspat.jp
rt.gsspat.jp — Cisco Umbrella Rank: 59650
266 B
1 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
253 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
502 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
647 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
634 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
154 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
257 B
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
595 122
Domain Requested by
33 cm.g.doubleclick.net 21 redirects onetag-sys.com
eus.rubiconproject.com
googleads.g.doubleclick.net
adpushup-d.openx.net
ssbsync.smartadserver.com
g2.gumgum.com
26 onetag-sys.com 4 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
public.servenobid.com
www.bg3.co
csync.smilewanted.com
23 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
21 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
googleads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
20 image8.pubmatic.com 10 redirects cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
20 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
onetag-sys.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
18 pixel.rubiconproject.com 10 redirects onetag-sys.com
eus.rubiconproject.com
17 x.bidswitch.net 15 redirects onetag-sys.com
17 match.adsrvr.org www.bg3.co
onetag-sys.com
imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
16 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
15 il-trc-events.taboola.com www.bg3.co
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
imprammp.taboola.com
am-match.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
imasdk.googleapis.com
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 simage2.pubmatic.com 6 redirects ads.pubmatic.com
11 token.rubiconproject.com 5 redirects eus.rubiconproject.com
11 images.taboola.com www.bg3.co
10 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
10 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
10 us-u.openx.net 1 redirects adpushup-d.openx.net
eu-u.openx.net
10 pubads.g.doubleclick.net imasdk.googleapis.com
www.bg3.co
10 image2.pubmatic.com 10 redirects
10 ib.adnxs.com 5 redirects cdn.adpushup.com
eus.rubiconproject.com
acdn.adnxs.com
9 a.audrte.com 7 redirects ssbsync.smartadserver.com
ads.pubmatic.com
9 csync.smilewanted.com cdn.adpushup.com
public.servenobid.com
csync.smilewanted.com
onetag-sys.com
9 static.criteo.net ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bg3.co
8 csi.gstatic.com imasdk.googleapis.com
8 ups.analytics.yahoo.com 6 redirects onetag-sys.com
8 pr-bh.ybp.yahoo.com 6 redirects ads.pubmatic.com
eu-u.openx.net
8 e3.adpushup.com www.bg3.co
7 ssum-sec.casalemedia.com 3 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 match.prod.bidr.io 7 redirects
7 s.amazon-adsystem.com 2 redirects onetag-sys.com
eus.rubiconproject.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
7 prebid.a-mo.net 3 redirects cdn.adpushup.com
eus.rubiconproject.com
6 p.rfihub.com 6 redirects
6 sync.1rx.io 6 redirects
6 cs.gssprt.jp 4 redirects www.bg3.co
6 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
www.bg3.co
6 rtb.openx.net 1 redirects cdn.adpushup.com
eu-u.openx.net
5 idsync.rlcdn.com 3 redirects ssum-sec.casalemedia.com
5 rtb-csync.smartadserver.com 4 redirects ssbsync.smartadserver.com
5 b1sync.zemanta.com 5 redirects
5 ialaddin.genieesspv.jp www.bg3.co
5 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
adpushup-d.openx.net
ads.pubmatic.com
5 cdn.vidverto.io www.bg3.co
5 htlb.casalemedia.com cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
5 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 live.rezync.com 4 redirects
4 i.liadm.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
4 id.rlcdn.com onetag-sys.com
4 pixel-eu.rubiconproject.com 2 redirects onetag-sys.com
4 sync.mathtag.com onetag-sys.com
4 sync.aralego.com 3 redirects ads.aralego.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 am-wf.taboola.com vidstat.taboola.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 sync.richaudience.com 3 redirects
3 creativecdn.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 ssp.disqus.com 3 redirects
3 ad.turn.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 genieeintl-d.openx.net 1 redirects www.bg3.co
3 csm.eu.criteo.net ads.eu.criteo.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 pm.w55c.net 3 redirects
3 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
3 match.sharethrough.com eus.rubiconproject.com
public.servenobid.com
cs-server-s2s.yellowblue.io
3 ce.lijit.com 2 redirects eus.rubiconproject.com
3 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
3 js.genieessp.com www.bg3.co
3 ad.360yield.com 3 redirects
3 ads.stickyadstv.com 3 redirects
3 cdn.jsdelivr.net cdn.adpushup.com
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
3 secure-assets.rubiconproject.com 3 redirects
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 openx2-match.dotomi.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 odr.mookie1.com csync.smilewanted.com
ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 bh.contextweb.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 secure.adnxs.com 2 redirects
2 dmp.adform.net 2 redirects
2 us.ck-ie.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 eu-u.openx.net adpushup-d.openx.net
genieeintl-d.openx.net
2 cms.quantserve.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 fonts.gstatic.com ad.vidverto.io
2 pixel.tapad.com 1 redirects eus.rubiconproject.com
2 sync.ipredictive.com 2 redirects
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 ad.mox.tv 1 redirects onetag-sys.com
2 dis.criteo.com 2 redirects
2 fonts.googleapis.com cdn.taboola.com
securepubads.g.doubleclick.net
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 a.teads.tv cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 trc.taboola.com cdn.taboola.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 tr.blismedia.com eu-u.openx.net
1 www.youtube.com www.bg3.co
1 cookiesync.api.bliink.io csync.smilewanted.com
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 ssp-sync.criteo.com 1 redirects
1 cm.adform.net 1 redirects
1 rr4---sn-1gieen7e.googlevideo.com www.bg3.co
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 yt3.ggpht.com www.bg3.co
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 ads.playground.xyz 1 redirects
1 u.openx.net 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 trace.mediago.io 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 static.smilewanted.com csync.smilewanted.com
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 js-sec.indexww.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 rtb.fr3.eu.criteo.com www.bg3.co
1 g.c.appier.net 1 redirects
1 rt.gsspat.jp 1 redirects
1 audiencedata.im-apps.net dmp.im-apps.net
1 adx3.adform.net imasdk.googleapis.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 cds.taboola.com cdn.taboola.com
1 s.tribalfusion.com googleads.g.doubleclick.net
1 pips.taboola.com cdn.taboola.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 vidstatb.taboola.com www.bg3.co
1 am-vid-events.taboola.com www.bg3.co
1 http-intake.logs.datadoghq.com cdn.adpushup.com
1 live.primis.tech eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 s0.2mdn.net imasdk.googleapis.com
1 3175cde3d0f4452140400cda74adb5b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com www.bg3.co
1 inv-nets.admixer.net ad.vidverto.io
1 imprammp.taboola.com vidstat.taboola.com
1 rules.quantcount.com secure.quantserve.com
1 ssbsync-global.smartadserver.com 1 redirects
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 secure.quantserve.com cdn.adpushup.com
1 15.taboola.com cdn.taboola.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 static.bg3.co Failed www.bg3.co
595 205
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-11-26		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.api.bliink.io
GoGetSSL RSA DV CA		 2023-05-22 -
2024-06-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 101 frames:

Primary Page: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Frame ID: E96F1BDA62747AE4AC0675A013E5144A
Requests: 209 HTTP requests in this frame

Frame: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 91632CA3015AD24834B6E785885BE3A8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLF1gQbYF6xa9Efm11nPMF0lnOOf289t75JzBBMtqB9EfZQVA4wvclFNk3mVnPQshHSkTh_M6AhRRcc8ZE_6TkkhGpac-kihweTyHzTkd3ihU33lHPTWqF1HJ4fbICvyfxwDAWVDksU5no1VlFjVKs0nbRcnEuwqX4tBGrG9ptVbcO6l39zvS_chipg9PR7KrF6_HJGSxE0lVqO906fzvxaTVF7gj0wqSl4EgK_f3lHaCvnLmwgwLciVaAbBCyxEu7XoYdOM__atuJzcnOcyUcpaWBBcVbB0YxNNhloZGFDTTKKxoeqpSuMboFhc1_rlfqHg&sai=AMfl-YTWmjXTveQIQQgk2B_5TdC50zGAj2VeRzrho7R_6Tf1jLvh_Uei5lMqRL3koDErBK_buFW57CpbddLQDlXv5xfDhYS4_5a-oB8ZLwhF1sYZqVcpSjfSGZjcPGgpn3jZ_GIaDR4FAiHJ3ew5d7g6&sig=Cg0ArKJSzAdm4gc-k6mGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 83B970D1805B22A8A7280843CC525320
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 209CDF05579F12596A2DF1B6E0E7907E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: B9B2E61ABE0475605A1F707231139B86
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 74B036FDB0F894ADB2E16E8B84FB9773
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 9F467BAEA60419A3D4BF56F3FCADCD67
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Frame ID: 6B1F4B52543E84D8634662579F5E38E3
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: F19FC40157CA3290330477EB9F0E3D63
Requests: 2 HTTP requests in this frame

Frame: https://js.genieessp.com/t/551/001/a1551001.js
Frame ID: 2E64E420DC55992436742D729ED9ADB1
Requests: 16 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1698920510465&uv=3352&tms=1698920510465&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9c020041-53a9-49bc-aab3-1a11038428e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: DD6E2A6B1EFE22ECF1BD6BBC7B50CE12
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D2F80A5FEFDD5B65634DA1899B7BF3BB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Frame ID: 483BB18CD83C51CFB737A647E1B1280D
Requests: 8 HTTP requests in this frame

Frame: https://3175cde3d0f4452140400cda74adb5b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4E3B1DE2F34B781690801AD3A45D90FD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: E04A37EA221EAF020F1B8B03D407E8C1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: D94C378EB51AABC750568DA36D451E9E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 555327CEC87630AD76462882102F91D4
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 26FE738B226621B7A9F4BF1C21C0769D
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: CA8EB32C78215EAAD67BE19B708F63D3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CB234A137254DA5631DF19927341AFB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7266F0EBDE786914CC80E02EE056F8AC
Requests: 2 HTTP requests in this frame

Frame: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0145C8588FBEFCC17F219AC7EF2F105
Requests: 9 HTTP requests in this frame

Frame: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F3EE3C020786A1534CD9D8794CB528E
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 375237826B210B457EE4619639A7F71D
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 26C0AA4F07F9845C97FC092BCAF238A4
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F0899682AC9685B8E9AFBF8344DFDA8
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 54F1ABACC9FCF8E77D302BAA27AF448A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CF8AB7B02D595403BA5245739C9AE825
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 090A3B675790E5BD3A74385FBE26C17E
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CA00ED4EF4BC67BD9C3EB0BF4BDFFD1E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9826F03A03E44DA782BDED453C915D16
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B867548169B7653D48047A4DC74D2E67
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 48C6DB6B561FA14A13A1352E19FBCEB2
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1698920510174
Frame ID: 1BAAA99B7EB33ADC2446D97EDB9BDC5A
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3C98F8C5E01E26D07957A60CC9ED8830
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: F754B4E6FC02F37AB4AF50708BC87A5E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 26DEA8E4D709FAB78777014297609D52
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 45B20827E2E0CE4929CB263D4AADDD5A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E114496BECCE06F65153F7BC10ECF2C6
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 5BA90DBDAED5DA8A5EEDA27B91A2C22B
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 24210CAFF3063ACC2332918EFF091BCC
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 994CFB5B4DB4C9190BCA569568B89867
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: DDD615C2B759C1AF6111C4B007971D96
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 51A843BFB03B9CFED5441D710C4F93F6
Requests: 10 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 84FE371E10A1F3583FBDEC4BFC2C136F
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 33579274EE4ADBAFE8A04FA215F23A33
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 20130ED605303798BC5CA7624AA0A08A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 4EA15F9284A030E064D1A3F4C2FCED2F
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 721155BDD13CDA1A4CA8B82CD04F58C5
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: A269FDA89007D47A53D43A4E5799D8EE
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 2BBA58EC9945C544B80D90219719EF75
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2D98C0E52E40C41B5582DECC2BE356CE
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=2467632124578826382&gdpr=0&gdpr_consent=
Frame ID: 52EC6868C06A8A3BE6AAF9CCB9F32D3D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mNzEzMzNlNi01MDgzLTQ0MTktYTk5ZC0yMjk3ODNmMTBiNmE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: F39C995D6170E93F07852A92C5D4DE7F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8EFC0A0FE5331A5E909BD229C34348F8
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 2F809BEFC312025391DB88CC9FE8523B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 480C991EBD1EBD31F4B8D256CD6E126E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZUN4QsCo8YIAAGWL1dEAAAAA
Frame ID: B4A0E23DA8B2F43964738D556CD88B78
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=xkgG0zfu0NftQwbLRi5u&pi=gumgum&tc=1
Frame ID: B356C2BC65898D9E02603A2D0A10D585
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 60E3F3A9AE68D63E48FE9C1E6C981B43
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 83164F654CBF51FE4385BB146D1C992A
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: DBA3150CECD4E5618DA1589528C2430B
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
Frame ID: 9D5A73B9A14386C69DB7833BD14C043C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
Frame ID: CB1CD28299CDCE3C52A99ED8FAE15553
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/be5fb09f-bab5-5232-97fd-7e91f2be06d3
Frame ID: 86F379E3653D6C08CD7352CC8FD6F7F4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Frame ID: 1E8F75503B1AAF7F4C27C2BCA79B5BBB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/2467632124578826382
Frame ID: BACEA761AD87A23C22A6A5AB52B599EF
Requests: 1 HTTP requests in this frame

Frame: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=criteo&gdpr=&gdpr_consent=
Frame ID: 537563FDB59FC6BDE84F95DAA06B2B6B
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: 881F03F9D42D78C44587120A903D3A5A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&redir=true&gdpr=0&gdpr_consent=
Frame ID: 7BBAD5DC27CB3EB2070463CF0BBD7716
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: 005BF8B2F1914869FACB34B969CF8BFB
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: 69C47D05C32A220062EEACE1C66AC566
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296808046146549916&gdpr=0&gdpr_consent=
Frame ID: 7526BD92BD49E53887094A3F8E42E7AC
Requests: 1 HTTP requests in this frame

Frame: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 069010D27AA5DA212EA4263F08C32523
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_npTEel5WHNtX_XPbHsnNLnDR9w&gdpr=0&gdpr_consent=
Frame ID: AE89E3D4FC96BA728BA60A1AE3C5296F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 777EEB0CD71A7674939461E3C0DED238
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 656C5D1EF83F2ED076494DB329F281BD
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F6301C4620064E127E590A987DACE9F5
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 9E3E52A592DB3B24826FCE6143A949F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 732A4298B9E191AB0178D16983196716
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A2BC0C102EA9073492DB435B13D30014
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CF755C8ED2809BA6EDC6C49FF6EEE8CB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E31157113158FDE797E6BAB60EB89FA3
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: B15D7BF225989A0CFE8C7F2D820FC56A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 6F4C325A3CA6230DAE37B2AA10984B5E
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 21A632FAE87958C7A53BA1B9DDBBCCA2
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CB9526944E6342DB9BA5089AA246B069
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: BBA2D123235B456F36114BC1667E52C3
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: 79CADC400B6A476706B0382DA147678E
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: B8768179FA089659B4349CB60F5E63B5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/341aa76c3feeccdb66e7d06d8269eac?gdpr_consent=&gdpr=0
Frame ID: 172D11EF1F718A1D99012E63DEC68DCD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 38037C79734FD783E1A09470F23C6D4F
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Frame ID: B212692654DB935175DD572CA23A5863
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=
Frame ID: 801085031BE3148BFE9A4AE59A88DF40
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 6F1A42D4A6861E3D7E531270C2B6CB03
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A2CB94AA03B6C96542CF87F9A8A84BE0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48C6BEFFDF2146F6962BF9F1B8B41114&gdpr=0&gdpr_consent=
Frame ID: C7FCD6A9BE82D95703BE479D40198989
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3921084277
Frame ID: 7F39DDACC6C894B04C33B2A121C50F55
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: B2241BF9CF5F9ED74A7B7032E27C9202
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: BCB472F19C4D2097BF5A2F58AF54E384
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Frame ID: 4386ED2B9C3D2A022B2D733DAD42BAB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

湖人、籃網聖誕大戰平均票價破2萬1 這場若取消NBA恐賠11億 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

595
Requests

74 %
HTTPS

22 %
IPv6

122
Domains

205
Subdomains

122
IPs

18
Countries

4908 kB
Transfer

21139 kB
Size

205
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 80
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 81
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/05e3d8c7-6920-3f1f-b93f-555ad1482cbc?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-b.OJ6vhE2oWOUhjgdBWgHI8yTEWMzI4APayUXfI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 141
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=3dc0edf3-0f99-40c9-8368-7a0a8c21b5d0&p_id=23
Request Chain 142
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f415c98d-f000-4f74-8052-d8d05d56b8e6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f415c98d-f000-4f74-8052-d8d05d56b8e6&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-ebecRL2hmk_Sd271iLbmKvLahZ__aOVbNwaJzw&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=650e328f-9a59-41ee-9574-4c21fdbf254d&p_id=15
Request Chain 146
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-1N-72WP&gdpr=0
Request Chain 147
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=553898122509061949
Request Chain 148
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
Request Chain 150
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-NspuwUdXZXMZfv9Xwr0mqsWXle-TIpA
Request Chain 151
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6075063565185387860
Request Chain 153
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s
Request Chain 154
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUJBQzRBOEItQ0M2OC00N0EzLTk0N0ItNDhGRDM5MTlBQjhD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Request Chain 156
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Request Chain 158
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=650e328f-9a59-41ee-9574-4c21fdbf254d&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D{SSP}%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}%26ssp%3D{SSP}%26bsw_param%3D{BSW_PARAM} HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=650e328f-9a59-41ee-9574-4c21fdbf254d&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D%7BSSP%7D%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT%7D%26ssp%3D%7BSSP%7D%26bsw_param%3D%7BBSW_PARAM%7D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=9c862516-bac4-4675-8fc3-65c5834d9915&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 159
  • https://ad.mox.tv/delivery/sync?userid=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s&p_id=5
Request Chain 202
  • https://pr-bh.ybp.yahoo.com/sync/taboola/02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
Request Chain 207
  • https://pr-bh.ybp.yahoo.com/sync/taboola/02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
Request Chain 208
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOH1ENG5-O-8APL HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOH1ENG5-O-8APL HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 223
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY3YTViYmMzODViZGQyNjgwYzBlNzQxYzliZmU3ZjFmNWM2N2MxYw
Request Chain 224
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1nBeCfmFQ5qzr1N0utsvkA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1nBeCfmFQ5qzr1N0utsvkA
Request Chain 225
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7xvm0DjITjSXxWKOgpFw-Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7xvm0DjITjSXxWKOgpFw-Q
Request Chain 226
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOH1ENG5-O-8APL
Request Chain 228
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ubMnw8IQv_5jNBfoBBDQbA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eSRIxzZE2oJYW9bSsaoVi0ZcYfkF9DeEGcp3Og--~A
Request Chain 229
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9IMUVORzUtTy04QVBM HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO3i0ZuZom_-_TubO3YjO9M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9IMUVORzUtTy04QVBM&google_push=
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE-zYQgyxxEhd3uXATGN71k&google_cver=1
Request Chain 231
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEWQE7KhvAAABe7vLWZ2g&expires=30
Request Chain 232
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOH1ENG5-O-8APL
Request Chain 233
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOH1ENG5-O-8APL
Request Chain 234
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1&expires=30
Request Chain 235
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOH1ENG5-O-8APL
Request Chain 236
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOH1ENG5-O-8APL HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOH1ENG5-O-8APL
Request Chain 237
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOH1ENG5-O-8APL
Request Chain 238
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOH1ENG5-O-8APL
Request Chain 258
  • https://pr-bh.ybp.yahoo.com/sync/taboola/02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
Request Chain 289
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&google_cver=1&google_push=AXcoOmSnYoeXM4CGEEL6akCzjMb4M2ecWNMIs8YqcK--OfkGzOEoJy0inrLhA-p_wZavY7Tr2yhkzg4eDRLayK2LJ6XIHPjTlgKv1eCKRGuyBI4l0s6sUjhem7SxyJmrcWolKJxWk5e6PSICO1fJ2f9KSZU HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&google_cver=1&google_push=AXcoOmSnYoeXM4CGEEL6akCzjMb4M2ecWNMIs8YqcK--OfkGzOEoJy0inrLhA-p_wZavY7Tr2yhkzg4eDRLayK2LJ6XIHPjTlgKv1eCKRGuyBI4l0s6sUjhem7SxyJmrcWolKJxWk5e6PSICO1fJ2f9KSZU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blZ0REtVdFkxUVl1UEs1&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&google_cver=1&google_push=AXcoOmSnYoeXM4CGEEL6akCzjMb4M2ecWNMIs8YqcK--OfkGzOEoJy0inrLhA-p_wZavY7Tr2yhkzg4eDRLayK2LJ6XIHPjTlgKv1eCKRGuyBI4l0s6sUjhem7SxyJmrcWolKJxWk5e6PSICO1fJ2f9KSZU
Request Chain 290
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGzdWN9Bd_zxl-MnECI8VXs&google_cver=1&google_push=AXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGzdWN9Bd_zxl-MnECI8VXs&google_cver=1&google_push=AXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 291
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBZX42cHRhBFsEiTkQRTtL8&google_cver=1&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d39lmLFsGA7M4AlAqkYxx7p6WDK_AXlAaf8FQ72YU8gLxwenxJb-B9yNP0EyFJdWWGxtcRUHLWWOqd3f0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBZX42cHRhBFsEiTkQRTtL8&google_cver=1&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d39lmLFsGA7M4AlAqkYxx7p6WDK_AXlAaf8FQ72YU8gLxwenxJb-B9yNP0EyFJdWWGxtcRUHLWWOqd3f0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk0ODgwNzc1NjA4ODE2MDU5NA&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d39lmLFsGA7M4AlAqkYxx7p6WDK_AXlAaf8FQ72YU8gLxwenxJb-B9yNP0EyFJdWWGxtcRUHLWWOqd3f0
Request Chain 292
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGO-kyoJjAE_10aU_uQ50-I&google_cver=1&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jMjA9VsEYwkGA4hp0bMtvi52imXwIjgEyIlRPY33Dgo8BfKMjWfzkaCghGZNadkZKkkMJHJM HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGO-kyoJjAE_10aU_uQ50-I&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jMjA9VsEYwkGA4hp0bMtvi52imXwIjgEyIlRPY33Dgo8BfKMjWfzkaCghGZNadkZKkkMJHJM&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jMjA9VsEYwkGA4hp0bMtvi52imXwIjgEyIlRPY33Dgo8BfKMjWfzkaCghGZNadkZKkkMJHJM&google_hm=TWxWZklQU2ZVeG5oQkpBY3lCMnE=
Request Chain 293
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEINi11ecmzeNS6EIopKMaWU&google_cver=1&google_push=AXcoOmScK9H7vuEqmb2XrMlQ8iNDP-AWufySfwJfl6D_4zAH4-kw6obVX-F44KN5JFUNayBNECnUJz-D_D3JlOU4s-D9oZM7Uv0khz2RNsekNrAWkBi8unmQ3fVA2rBT9jyNPwmUWJ9ffH15VTApxMxCP7Af HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmScK9H7vuEqmb2XrMlQ8iNDP-AWufySfwJfl6D_4zAH4-kw6obVX-F44KN5JFUNayBNECnUJz-D_D3JlOU4s-D9oZM7Uv0khz2RNsekNrAWkBi8unmQ3fVA2rBT9jyNPwmUWJ9ffH15VTApxMxCP7Af&google_hm=NjA3NTA2MzU2NTE4NTM4Nzg2MA%3D%3D
Request Chain 331
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8b10da0a9c270f7cedf38f6f22e2ced5
Request Chain 332
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA6Z8LEFQsEFkRxICUb2FLjkDJfm7DPO1xejbwnfsvU1kdEonZ_H9s-wGnhSj5W7cHg&format=gif
Request Chain 333
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5tx8yb_PG0TtsQFyaMWJZIagI2Ifq_d_k2hrtK8X22Gqrrcmv6nRdU22ffKzk6NMA&format=gif
Request Chain 334
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=LtGA5kfjD725GJxuQnhDZQ
Request Chain 340
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=68d36bfb-f21f-4e5f-9afc-89747f45e5eb&o=8859185035&callback=OX_8859185035&ju=https%3A//www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1 HTTP 302
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=68d36bfb-f21f-4e5f-9afc-89747f45e5eb&o=8859185035&callback=OX_8859185035&ju=https%3A//www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Request Chain 384
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qTQJUqg5DgSyOApU_TQQB6lgXASyYgQDrzjmzNJ1
Request Chain 385
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2467632124578826382
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQGD4jaZIDaftIIm-KqMbY&google_cver=1
Request Chain 394
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 395
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 400
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=553898122509061949
Request Chain 401
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HlqNrRZHSMHOLqxHSpadjxGI
Request Chain 403
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698920513791 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=996725311 HTTP 302
  • https://sync.1rx.io/usersync/turn/4448450027908307853?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
Request Chain 404
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5142336726074175109
Request Chain 405
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=f7a5dc85-de93-4a01-8f3e-085057490da3
Request Chain 406
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 407
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Request Chain 408
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYeOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYeOAE=&buyeruid= HTTP 302
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYeOAI=%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=30&buyeruid=3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a&r=Cid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEyAgYeOAI=&gdpr=&gdpr_consent= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a
Request Chain 409
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Request Chain 411
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 412
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 414
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6075063565185387860&gdpr=0&gdpr_consent=
Request Chain 415
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjA3NTA2MzU2NTE4NTM4Nzg2MA==&gdpr=0&gdpr_consent=
Request Chain 416
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODllVC1jeUFERllSbi04NlVpeHo4TVg3dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDg5ZVQtY3lBREZZUm4tODZVaXh6OE1YN3ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDg5ZVQtY3lBREZZUm4tODZVaXh6OE1YN3ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDg5ZVQtY3lBREZZUm4tODZVaXh6OE1YN3ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2467632124578826382&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDg5ZVQtY3lBREZZUm4tODZVaXh6OE1YN3ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=89eT-cyADFYRn-86Uixz8MX7w&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=6075063565185387860&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 417
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2467632124578826382&gdpr=0&gdpr_consent=
Request Chain 420
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-O-8APL&gdpr=0
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Request Chain 424
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=650e328f-9a59-41ee-9574-4c21fdbf254d&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D{SSP}%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}%26ssp%3D{SSP}%26bsw_param%3D{BSW_PARAM} HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=9c862516-bac4-4675-8fc3-65c5834d9915&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 430
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUN4QVPDLrIIuJjPohc2wQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
Request Chain 433
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUN4QVPDLrIIuJjPohc2wQAADRMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
Request Chain 434
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZUN4QgAAANjH7wBC HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUN4QgAAANjH7wBC&_test=ZUN4QgAAANjH7wBC
Request Chain 436
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685630498578664
Request Chain 437
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUN4QVPDLrIIuJjPohc2wQAA%263347&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUN4QVPDLrIIuJjPohc2wQAA%263347&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a5583b5fab354d4ebda1e3eab057d642 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a5583b5f-ab35-4d4e-bda1-e3eab057d642 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=0c2e87b6-9ca5-4c2d-ba80-fbd4766869bd%3A1698920514.8380096&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c2e87b6-9ca5-4c2d-ba80-fbd4766869bd%253A1698920514.8380096%26_%3D1698920514.8418858&cb=1698920514.841919 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630498578664&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c2e87b6-9ca5-4c2d-ba80-fbd4766869bd%253A1698920514.8380096%26_%3D1698920514.8418858 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=0c2e87b6-9ca5-4c2d-ba80-fbd4766869bd%3A1698920514.8380096&_=1698920514.8418858 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEImWfLt4xSRD3F-kBKljiZU&google_cver=1
Request Chain 439
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUN4QYbloBxhLaPfbtESqQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
Request Chain 440
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUN4QYbloBxhLaPfbtESqQAAFDYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
Request Chain 442
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUN4QYbloBxhLaPfbtESqQAA%265174&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUN4QYbloBxhLaPfbtESqQAA%265174&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2d76f921d6134d21a3af442ee291bee7 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a5583b5f-ab35-4d4e-bda1-e3eab057d642 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3fe9bdeb-b4da-4450-a126-b20568bb5a08%3A1698920514.8371832&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3fe9bdeb-b4da-4450-a126-b20568bb5a08%253A1698920514.8371832%26_%3D1698920514.8394394&cb=1698920514.8394732 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630498578664&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3fe9bdeb-b4da-4450-a126-b20568bb5a08%253A1698920514.8371832%26_%3D1698920514.8394394 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3fe9bdeb-b4da-4450-a126-b20568bb5a08%3A1698920514.8371832&_=1698920514.8394394 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjczZmU5YmRlYi1iNGRhLTQ0NTAtYTEyNi1iMjA1NjhiYjVhMDg6MTY5ODkyMDUxNC44MzcxODMyEAAaDQjD8I2qBhIFCOgHEABCAEoA HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=553898122509061949
Request Chain 443
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nVtDKUtY1QYuPK5
Request Chain 444
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 445
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699548636d0211rhh00loh1eqme
Request Chain 446
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 450
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=553898122509061949
Request Chain 451
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f71333e6-5083-4419-a99d-229783f10b6a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=739a22a8-e894-494a-adac-314eb70ccae4&ssp=gumgum2&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 452
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0a0042d7-2df4-04cd-0319-fc8aa45c7846
Request Chain 453
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
Request Chain 454
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.BJKNelE2pfCskOKUApbM5PTp7oi26gUsueX~A
Request Chain 455
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1
Request Chain 457
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f71333e6-5083-4419-a99d-229783f10b6a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=MlVfIPSfUxnhBJAcyB2q&gdpr=0&us_privacy=1---
Request Chain 458
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=8NDkw7mAqeFP&ev=1&pid=558355
Request Chain 459
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6075063565185387860
Request Chain 461
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d&google_hm=NjUwZTMyOGYtOWE1OS00MWVlLTk1NzQtNGMyMWZkYmYyNTRk HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELvPpSfx-RtntckxwnXOiGc&google_cver=1&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 462
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=2467632124578826382&gdpr=0&gdpr_consent=
Request Chain 467
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=a007833e41e0bdc4d36d22598fe234cd
Request Chain 468
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 470
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=646404a3-7a73-03cf-1cfa-f5902c0ff3e5
Request Chain 471
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfXCDuc-iQ99byvS00qpao&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=553898122509061949 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 472
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUN4QVPDLrIIuJjPohc2wQAA%263347
Request Chain 473
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3154585111740024045296
Request Chain 476
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUN4QsCo8YIAAGWL1dEAAAAA
Request Chain 477
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=xkgG0zfu0NftQwbLRi5u&pi=gumgum&tc=1
Request Chain 478
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 479
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOH1ENG5-O-8APL HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LOH1ENG5-O-8APL
Request Chain 488
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
Request Chain 489
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5383807571 HTTP 302
  • https://sync.1rx.io/usersync/turn/4376392433870379917?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
Request Chain 491
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Request Chain 493
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
Request Chain 495
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=4096350709675086086 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/be5fb09f-bab5-5232-97fd-7e91f2be06d3
Request Chain 496
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Request Chain 500
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-Nw01BMDU6PWDV-po7Xecqgehg1ssKgQ
Request Chain 502
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Request Chain 509
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/2467632124578826382
Request Chain 510
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=IpsvCF9jNkRmaWQ1VElvQWhSMEVYT2cwbnh0S29XRlAlMkZTJTJCR3lKeTZHRk5rZ1BQSkJNQm9tdyUyRkpOZ29NV3g5ekprUUolMkJFQzFlUW1FSnVBQ3dYeGc4ZWJqSTdMQ0NoempLZ3h0dGM3QyUyQnZlZW5qeDJWU3hFRXRoMk1tbVdlJTJGSCUyRkcxeDdFdVFBM2VvR2lHUm9ER3F5dk5ra1NrJTJGZkNEQUE4WkVHZFdmbXY4JTJGanI4bzNUZFU1RjlNZFclMkZoVWNtTlAlMkZBWWJu&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-ebecRL2hmk_Sd271iLbmKvLahZ__aOVbNwaJzw HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=criteo&gdpr=&gdpr_consent=
Request Chain 511
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Request Chain 513
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NcTA0TTJx4cuyMPXYcTZhDWQlYcuks2AM8jaJOyQ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Request Chain 514
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=553898122509061949&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Request Chain 515
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296808046146549916&gdpr=0&gdpr_consent=
Request Chain 516
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 517
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_npTEel5WHNtX_XPbHsnNLnDR9w&gdpr=0&gdpr_consent=
Request Chain 518
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 520
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFV1FFN0todkFBQUJlN3ZMV1oyZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEWQE7KhvAAABe7vLWZ2g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEWQE7KhvAAABe7vLWZ2g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEWQE7KhvAAABe7vLWZ2g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6075063565185387860&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEWQE7KhvAAABe7vLWZ2g&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 521
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe9cc62e2508e495bbcd894294fc7814b HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 522
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 525
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6780142541224797239 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 526
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685630498578664 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Request Chain 530
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=27773147ecb03237/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXTTTYbWTnjhaYXYT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=35173e3d9d93849ada1ea497a000bab&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DGp1rLOrtXTTTYbWTnjhaYXYT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXTTTYbWTnjhaYXYT&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=66xKi8xoR6OUe0j9ORmrjA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 533
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=&ct=y
Request Chain 534
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=901088620
Request Chain 535
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODllVC1jeUFERllSbi04NlVpeHo4TVg3dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2467632124578826382&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfXCDuc-iQ99byvS00qpao&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 538
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2467632124578826382 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 541
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fzCCZM1E2uUvPeoqxxBakcY5MAGjPME-~A&gdpr=0
Request Chain 542
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5eee3ca7-0f05-4c29-b836-502b2a6ae866-65437842-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 543
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4448450027908307853&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 544
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=419ebc7d1d316e8&is_secure=true&networkId=17100&version=1&nuid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAII1ZTErDMUAMAzEINAAAAAAA&expiration=1699006914&nuid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 545
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:710fffe7-94d1-4874-a871-7a00cd1ce488&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 550
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/341aa76c3feeccdb66e7d06d8269eac?gdpr_consent=&gdpr=0
Request Chain 554
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOH1ENG5-O-8APL HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOH1ENG5-O-8APL
Request Chain 571
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685630498578664
Request Chain 572
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUN4QgAAANjH7wBC
Request Chain 574
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AAEWQE7KhvAAABe7vLWZ2g&id=537125688
Request Chain 575
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=2caf19bcbc4c16b1&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIQNMhaWAb5gNsLW1yAAAAAAA&expiration=1699006915&nuid={OX_USER_ID}&is_secure=true
Request Chain 576
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=_npTEel5WHNtX_XPbHsnNLnDR9w
Request Chain 577
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Imtsm6xnhbWCFqDQvxVDug==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 579
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 580
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=xkgG0zfu0NftQwbLRi5u&pi=openx&gdpr=0
Request Chain 589
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48C6BEFFDF2146F6962BF9F1B8B41114&gdpr=0&gdpr_consent=
Request Chain 590
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3921084277
Request Chain 593
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 594
  • https://pixel.onaudience.com/?partner=214&mapped=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

595 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
www.bg3.co/a/ 		57 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1effec8d1d6ccab9f5f3c34b2c9aab858e07c693e163331f1ff018b39ea656a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:47 GMT
etag
"e217-b+1XbelVIVe4QQaEfvJUUat0Vbw"
expires
Thu, 02 Nov 2023 10:22:47 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 02 Nov 2023 10:21:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73131
x-xss-protection
0
server
sffe
etag
"8cd1ce497f4c5169"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 10:21:48 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 02 Nov 2023 10:21:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9636
x-xss-protection
0
server
sffe
etag
"8e4fe4ecd2caf064"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 10:21:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
078dcf115b21212e312fe3c048304d4bec25efc27952583f53f495b3a794425c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30822
x-xss-protection
0
server
cafe
etag
988 / 19663 / 31079291 / config-hash: 9369610358558058957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:48 GMT
js
www.googletagmanager.com/gtag/ 		267 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62788ac511acb39dac6d822c145219994b9f0012c1574c611a535ff9704413b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91086
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Nov 2023 10:21:48 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 16:27:30 GMT
server
cloudflare
age
21790
etag
W/"65427c72-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
81fba718cccc3b57-GVA
expires
Thu, 02 Nov 2023 16:18:38 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 02 Nov 2023 11:21:48 GMT
date
Thu, 02 Nov 2023 10:21:05 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Thu, 02 Nov 2023 06:59:43 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/ 		710 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e21829c72e2ada8216248741b7f6e22ee5cdf20efe5a3827ce74833f22379831

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 02 Nov 2023 11:21:48 GMT
date
Thu, 02 Nov 2023 10:21:05 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Wed, 01 Nov 2023 05:41:51 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		574 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22186fe088f107b1b9cf8df09648855ec0ff2a229562aa3ea2105074245f64e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yWBe0cYrKEwvLXxauOxhAz34cwggtp7
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:48 GMT
x-amz-request-id
XJHDAVPGGY73127Z
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
55396
x-amz-id-2
4Qq4VgrCM+CkZMni6u8I9dtRFL+iP/ejgDZJlsEENRvNalutwifLMHzPxZX5qsmlt/dwuGsDrQQ=
x-served-by
cache-mxp6931-MXP
last-modified
Wed, 01 Nov 2023 11:44:33 GMT
server
AmazonS3
x-timer
S1698920508.264324,VS0,VE115
etag
"f146a40917f9039abfb16f32adf97ac6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7560
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jp6I4Na9LUeBOlcG1qCredQJrvdIoiaJE9ptk2KW9C%2BWXToUmdTg5K4VFRdu9ZHVROyiOi%2FtN7mGlkq34v7vggWvPibpRQ%2B03O8qvh24BiiXDO2C%2FJgKvimyN3PPf3JHghsMj8vSeKYum6zt%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81fba71c0f4b3b58-GVA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
t.php
c.statcounter.com/ 		192 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=3185CD9D89DA4F5B0BCB54C8EEDD5495&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&t=%E6%B9%96%E4%BA%BA%E3%80%81%E7%B1%83%E7%B6%B2%E8%81%96%E8%AA%95%E5%A4%A7%E6%88%B0%E5%B9%B3%E5%9D%87%E7%A5%A8%E5%83%B9%E7%A0%B42%E8%90%AC1%E3%80%80%E9%80%99%E5%A0%B4%E8%8B%A5%E5%8F%96%E6%B6%88NBA%E6%81%90%E8%B3%A011%E5%84%84%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2698&sc_rum_e_e=2705&sc_rum_f_s=0&sc_rum_f_e=2695&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
81fba7194d223b57-GVA
expires
Mon, 26 Jul 1997 05:00:00 GMT
ccdcd2b98f8188397fd99e8c7144e7b2.jpg
static.bg3.co/imgs/202112/ 		0
0
e8882cff341d574157c88cb9063a4d1b.jpg
static.bg3.co/imgs/202309/ 		0
0
bb9ada5f9e738b3f53fcf899614a162c.jpg
static.bg3.co/imgs/202108/ 		0
0
85da8136d7fd03b97e524494fd2dbf81.jpg
static.bg3.co/imgs/202112/ 		0
0
d86fec56efcbd6586a9d9382879e71c5.jpg
static.bg3.co/imgs/202106/ 		0
0
f82cb90d6b0fbc0f74d36a5aeb109350.jpg
static.bg3.co/imgs/202309/ 		0
0
631301e1711a7bc0f86c220178fcd36a.jpg
static.bg3.co/imgs/202309/ 		0
0
e56105ece9d2a3d9670876c981fa355b.jpg
static.bg3.co/imgs/202012/ 		0
0
db7a64218d7e4b57fc5ee8ae9a7c77ca.jpg
static.bg3.co/imgs/202109/ 		0
0
94296caa1c581cb363af0a23cce6119a.jpg
static.bg3.co/imgs/202112/ 		0
0
348cf941f6aeee1af0ba0ac18d4e6f83.jpg
static.bg3.co/imgs/202110/ 		0
0
aa39faf6b4280143b69a66f970306e85.jpg
static.bg3.co/imgs/202309/ 		0
0
58ff62de9ac8ef5e3d55e99f95cda08a.jpg
static.bg3.co/imgs/202105/ 		0
0
846f91d6fd3fd30ebe5df55c02422e0e.jpg
static.bg3.co/imgs/202105/ 		0
0
44953545b63a44398d620b70bf150cdc.jpg
static.bg3.co/imgs/202105/ 		0
0
1b53eb39b80b74b843aad08b7ddfb4c4.jpg
static.bg3.co/imgs/202105/ 		0
0
bedcf6190a4a54ab07da232011e0757e.jpg
static.bg3.co/imgs/202107/ 		0
0
3d0f31eafd415c4432660a5a60988972.jpg
static.bg3.co/imgs/202112/ 		0
0
eea5db52e3a3b3c32418509a70883cb0.jpg
static.bg3.co/imgs/202105/ 		0
0
556e50590022ec7f928dbaa8b1aef30a.jpg
static.bg3.co/imgs/202106/ 		0
0
3b50d0c41d8a83fca8265ce0e00e01bf.jpg
static.bg3.co/imgs/202105/ 		0
0
5e103ce1c89b25ef956359c73b8117e7.jpg
static.bg3.co/imgs/202309/ 		0
0
8c723cf740c8514748ca479921779bca.jpg
static.bg3.co/imgs/202105/ 		0
0
34e40d5748d34a17250d62f585821f8a.jpg
static.bg3.co/imgs/202105/ 		0
0
f7f16ccbef533c95bd8f97e246bf5d6c.jpg
static.bg3.co/imgs/202106/ 		0
0
71716654d50f07aceefecae6f495aa91.jpg
static.bg3.co/imgs/202105/ 		0
0
ae637c79e18ee2a593e98499558784df.jpg
static.bg3.co/imgs/202105/ 		0
0
daea66ba1cd822bf2b0ae48f24828244.jpg
static.bg3.co/imgs/202105/ 		0
0
489eb1289ecb7267c84a8efb0a0034f7.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:09 GMT
age
144339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"4ca4ccf1afd64d82"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:09 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310201815000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 31 Oct 2023 18:16:09 GMT
age
144339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3941
x-xss-protection
0
server
sffe
etag
"aef77be21ea5e253"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Oct 2024 18:16:09 GMT
impl.20231101-5-RELEASE.js
cdn.taboola.com/libtrc/ 		816 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
43260b3e830dc7e16eaf0554d00f15020357d9c13e553978034d878850cb763e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ue0v9oXRWcKpSMc7zNMS9p_qfLSU1fty
content-encoding
br
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:48 GMT
x-amz-request-id
HYD5FZA32T667WVC
age
730
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172851
x-amz-id-2
HNZOFAfrZPGd48P/miOdY5354rek3mCb7D1GCtUJVBn9/5yJ1k4B0sSEYMUnQiJzAooBHyUp/Wg=
x-served-by
cache-mxp6931-MXP
last-modified
Wed, 01 Nov 2023 10:00:44 GMT
server
AmazonS3-br
x-timer
S1698920509.572386,VS0,VE0
etag
"f765887f860a79098a8980da5a30f3fd"
vary
Accept-Encoding
content-type
application/javascript
abp
91
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1601
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3au1v9102959953&_p=1326638089&gcd=11l1l1l1l1&cid=299927836.1698920509&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1698920508&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=%E6%B9%96%E4%BA%BA%E3%80%81%E7%B1%83%E7%B6%B2%E8%81%96%E8%AA%95%E5%A4%A7%E6%88%B0%E5%B9%B3%E5%9D%87%E7%A5%A8%E5%83%B9%E7%A0%B42%E8%90%AC1%E3%80%80%E9%80%99%E5%A0%B4%E8%8B%A5%E5%8F%96%E6%B6%88NBA%E6%81%90%E8%B3%A011%E5%84%84%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/ 		424 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 14:04:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
73039
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136180
x-xss-protection
0
server
cafe
etag
6663949485869648659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 14:04:29 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
320380
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		34 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A21%3A48.756&lti=deflated&data=%7B%22id%22%3A117%2C%22ii%22%3A%22%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698839064533%2C%22vi%22%3A1698920508753%2C%22cv%22%3A%2220231101-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html%22%2C%22vpi%22%3A%22%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3550%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3098.0625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24af2e8d3f45b6fab6c93d682be5333c636ffe1419f128ca313141201d918180

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
451
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.8710416666666667
x-fastly-to-nlb-rtt
70837
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6931-MXP
x-log-content-encoding
gzip
server
nginx
x-timer
S1698920509.764608,VS0,VE451
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4119878
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-mxp6934-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698920509.854801,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
49, 7314
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
870
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAm78lfhGrAjFOZJmtfOUHVBbUDNgNRBz%2B0vCx%2BqWeC2h68%2Ft2np3xqmPFgZ3DwxpjYkUnFjFtEC0Y6GKI2BSazoE3dbZqWE6ewO9UW8VlJQGrEiyG7u%2FHbusICTt3FKWmfwwA65F9WOZnjS2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
81fba71c5f803b58-GVA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e91a25647d0ac40582377200ea42f12969ae4f73e8fb8d5ea15eb9d4169a54e6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6179667532628734&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:49 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3320146534112779&correlator=3928536091722849&eid=31079299%2C31079291%2C31079234%2C31079240&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1698920508917&lmt=1698920508&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=299927836.1698920509&ga_sid=1698920509&ga_hid=1326638089&ga_fc=true&dlt=1698920508161&idt=720&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8672e04e9c8ce5a7d318a5934c893ade0414142ca246ec1577bfefbb78338c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12598
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9163 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:49 GMT
expires
Fri, 01 Nov 2024 10:21:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		631 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1698920509017
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C71) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 01 Nov 2024 10:21:49 GMT
date
Thu, 02 Nov 2023 10:21:49 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (mil/6C71)
age
6650151
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3682408
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6934-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698920509.094982,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13, 510467
view
securepubads.g.doubleclick.net/pcs/ Frame 83B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLF1gQbYF6xa9Efm11nPMF0lnOOf289t75JzBBMtqB9EfZQVA4wvclFNk3mVnPQshHSkTh_M6AhRRcc8ZE_6TkkhGpac-kihweTyHzTkd3ihU33lHPTWqF1HJ4fbICvyfxwDAWVDksU5no1VlFjVKs0nbRcnEuwqX4tBGrG9ptVbcO6l39zvS_chipg9PR7KrF6_HJGSxE0lVqO906fzvxaTVF7gj0wqSl4EgK_f3lHaCvnLmwgwLciVaAbBCyxEu7XoYdOM__atuJzcnOcyUcpaWBBcVbB0YxNNhloZGFDTTKKxoeqpSuMboFhc1_rlfqHg&sai=AMfl-YTWmjXTveQIQQgk2B_5TdC50zGAj2VeRzrho7R_6Tf1jLvh_Uei5lMqRL3koDErBK_buFW57CpbddLQDlXv5xfDhYS4_5a-oB8ZLwhF1sYZqVcpSjfSGZjcPGgpn3jZ_GIaDR4FAiHJ3ew5d7g6&sig=Cg0ArKJSzAdm4gc-k6mGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Nov 2023 10:21:49 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 13:45:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651ebdf6-66b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 02 Nov 2023 11:21:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 83B9 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:49 GMT
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C3A) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
age
4164366
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (mil/6C3A)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 10:21:49 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BBC) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
age
7183267
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (mil/6BBC)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 10:21:49 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C88) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
age
4164366
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (mil/6C88)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 10:21:49 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg5MjA1MDkzMDEsInBhY2tldElkIjoiMDAwMEE3MDEtZDJiMjZlMDQtMGZiYy00NTkxLWI0ZmYtZWMxMWRmYzQwMjhkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1LXJlbi1sYW4td2FuZy1zaGVuZy1kYW4tZGEtemhhbi1waW5nLWp1bi1waWFvLWppZS1wby0ybW8tMS16aGUtY2hhbmctcnVvLXF1LXhpYW8tbmJha29uZy1wZWktMTF5aS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=3665.2000045776367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
taboola-vignette-new-scanning.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7947fc706e3055b205951a22bef2655cde781df401c18942e49496a8f5647c3c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5gCBEUTsJzsaSRxrs25MSoZHgYT9MnuN
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
G8QFNHVWGE22FBGT
age
514
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
pVv15HK4meNrWYVQ9xAyD5Dsx0NddPbOKJdbFR8iGmXNFg5ZqbRXIRb8zr7bhBTPfvypWbenyqg=
x-served-by
cache-mxp6931-MXP
last-modified
Thu, 02 Nov 2023 10:13:15 GMT
server
AmazonS3
x-timer
S1698920509.449970,VS0,VE0
etag
"1da083932193c34f1291c9079d8d77aa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
2
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
35
distance-from-article.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09786c41a3905cd2436a020cad81c09334bb3f2012b4da70012edc55f427592a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
phbSXifw2h1prf6J9xesDnAqCMT2hP4p
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
BSFJQQ1CMNDESEX1
age
543
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
0RlCToVjd+6YiV+EkiYPyhL9mJ8MhzB3eAZFtflOGzDrrwtF3Nw39srv2O2MFHxJtxJLXbZDW5Y=
x-served-by
cache-mxp6931-MXP
last-modified
Thu, 02 Nov 2023 10:12:46 GMT
server
AmazonS3
x-timer
S1698920509.460250,VS0,VE0
etag
"3f59a1f7704ebf16208cead0458ddb7b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
808
article-detection.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e3738508aaf0c8fea2bd8b9ce4d1b0ae76dec5b43eb0f75d69f83f4d9e3b14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qEwehHgO40svd3OfQqTJBKCvKQ.MAXgJ
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
HBNNHE9HT0JHTG24
age
550
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
T8ACd5HFX9qGCk5ljGBn4sGbZlLIcoRKbVL5M7/aPAJ3POfpbyQYZPlk+HysLgxRkFg55hiUkv8=
x-served-by
cache-mxp6931-MXP
last-modified
Thu, 02 Nov 2023 10:12:40 GMT
server
AmazonS3
x-timer
S1698920509.460184,VS0,VE0
etag
"6a7c58b6c1dcde6eebc1a6c34659c6c5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
811
tb
15.taboola.com/ 		30 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=palmate-bg3co&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Feed&uuip=Feed%20-%20Below%20Article%20Feed&cisrf=&cirf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&encoded=1&uid=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1698920509454&tagid=&cntry=CH&platform=1&sesid=2cb62fa878092f1d9af1278499b1bcce&itemid=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&viewid=1698920508753&geolat=&geoing=&deviceifa=&appid=&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ri=5919e2155c0038569869503bcbd47c31&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1524057&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=ZG&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1231993&prcnt=&layer=&normp=1&gvv=9058
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a438d45eb21e005b3d9f9d2218caa1694eb5e0a3dd1dcc4857c69799f110906

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1468
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-mxp6931-MXP
pragma
no-cache
server
nginx
x-timer
S1698920509.462497,VS0,VE37
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c053e6b00b68319676e77fb4d0a5456a90bdec49848eb46a84f380aeb3ba3646

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
t2x2_22ZvNec6bE_pDBxDn6viuodoqV6
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
T8MVA5DX1YZG7RJM
age
538
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
w9qaqIKEcAKA2kRtUKq8WbHMKM7G2bPuIpoF/HxavUU+f3uwkU7iArI8KrNNdWdE3EBe01w/dXM=
x-served-by
cache-mxp6931-MXP
last-modified
Thu, 02 Nov 2023 10:12:51 GMT
server
AmazonS3
x-timer
S1698920509.462920,VS0,VE0
etag
"7f9270c67f80771519e4969f44f8d453"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
793
userx.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d01485edc889f10ce5f17056301e09569f8e893bba2c306bde9f788119343cc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Pojb1mAKKHuvx73ceU8_DWnPrdI8FXHz
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
71VN6V4BYWXCCW1V
age
511
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
y5s6ERGrc0q0Q1tf1lRQsDkPfSXLNlhWGfOXoB2QTqKk2kJOASFC0laySzL9BFdjCtk5trZ7uRM=
x-served-by
cache-mxp6931-MXP
last-modified
Thu, 02 Nov 2023 10:13:18 GMT
server
AmazonS3
x-timer
S1698920509.466707,VS0,VE0
etag
"c646e0ba29eae5c4d5cf35a5e15a39b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
147
explore-more.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ad95379d595faee7a63f9159604939a91a8b672cc963fdb20d34e4eea87b836

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yHYy8iIGnXGcdktTHCR7FQZANdLTB52y
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
7TF5M36YD5V0WG03
age
540
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
h6yWezYST8Y1u4EeGmsTzYW4fyvAOr7ydtqLicz6qPhsy8l55LnfdQCZJAUPqnUNiz7H5NOu83w=
x-served-by
cache-mxp6931-MXP
last-modified
Thu, 02 Nov 2023 10:12:50 GMT
server
AmazonS3
x-timer
S1698920509.475482,VS0,VE0
etag
"0735712c7751feb36a3c542a844a1e26"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
92
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
471
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1698920509440%7D&tim=11%3A21%3A49.440&id=5917&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698920509448%7D&tim=11%3A21%3A49.449&id=9010&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A21%3A49.468&id=1778&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A21%3A49.470&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=132&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84685
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A21%3A49.471&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=5045&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84685
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A21%3A49.475&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7510&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84685
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A21%3A49.476&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4847&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84685
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A21%3A49.480&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=8939&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84685
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
2BXJKKX2RZV89N9D
age
94
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
WyL2v7Y6tMjGZIwQzTqLEakrV0fvos6RjsnPZZi2oiW+JmOnNuMfVUBcREdsw9/uoKeZa4qMe/Y=
x-served-by
cache-mxp6931-MXP
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1698920509.493062,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
63
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
68
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 209C 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
639a736f9bd3a65680f59b8a7ba30b91c18da0686c4637a98d94d1fcea862fe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10056
x-xss-protection
0
server
cafe
etag
641114683234982296
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:49 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame B9B2 		714 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
5873
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
81fba720fa716aa1-GVA
content-encoding
br
content-type
text/html
date
Thu, 02 Nov 2023 10:21:49 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsKBANvWtpvqi7tSGKTRlRQIRfzedw2dNXEbv4wypI6imo82mDRI0P3Iaz%2BdpCtabYR6qlOVF%2BUIR01hU%2BsBqC93%2Fk4McfAWqox%2Fya7eISCZjEI2qHTosc5EyHQgt6Bs7KwsStfKG%2B%2F1oyv0yg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 74B0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 10:21:50 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 02 Nov 2023 10:21:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/05e3d8c7-6920-3f1f-b93f-555ad1482cbc?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-b.OJ6vhE2oWOUhjgdBWgHI8yTEWMzI4APayUXfI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Thu, 02 Nov 2023 10:21:50 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4a06fbae6c20c8202bb878e66ee6731378e9fa229f0541c87d98a7583b843ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
age
2484643
edge-cache-tag
524045688705450490749057790898853645799,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
524045688705450490749057790898853645799,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
671
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gamewells.com/
content-length
70696
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000113-IAD, cache-iad-kiad7000113-IAD, cache-lax10620-LGB, cache-iad-kcgs7200103-IAD, cache-mxp6931-MXP
last-modified
Wed, 06 Sep 2023 19:15:56 GMT
server
nginx
surrogate-reporting
width=933,height=700,owidth=1200,oheight=700,obytes=384452
x-timer
S1698920510.608749,VS0,VE2
etag
"5f5d1089c4aaf6e97471a69ef5f5f971"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 10, 1, 63, 1
e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a4b92eb8757c6154f1035b1796185353e6fe107b28fb561be855f68f3f7097e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
age
2154567
edge-cache-tag
524045688705450490749057790898853645799,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
524045688705450490749057790898853645799,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
243
req-referer
https://healthydiet4ever.com/
content-length
38916
x-request-id
6c11cfa1d615ffbc6844b4f571273aa5
x-backend-name
US_nlb106
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kiad7000048-IAD, cache-iad-kiad7000120-IAD, cache-mxp6931-MXP
last-modified
Wed, 27 Sep 2023 14:02:54 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=71346,owidth=1200,oheight=700,obytes=384452
x-timer
S1698920510.609267,VS0,VE1
etag
"f5d0f39d98481b0258bf0806c04d043d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 32, 1
9a4ecf5109be16031d28e9a01fadb46f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
569589d1a800a51f7cf967fa16e067d8bf640f84ade0a3669c82a47409632867

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
age
1304884
edge-cache-tag
628202487412726569341509448001726198285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
628202487412726569341509448001726198285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
378
expiration
expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
8602
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000078-IAD, cache-iad-kcgs7200104-IAD, cache-lax10649-LGB, cache-iad-kjyo7100035-IAD, cache-mxp6931-MXP
last-modified
Wed, 20 Sep 2023 02:27:47 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=16296,owidth=1000,oheight=750,obytes=259613
x-timer
S1698920510.609589,VS0,VE1
etag
"bd60a03c1d9e17816f7b357df113c3d6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 113, 1
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c131b7d7074657a3c6b3c78070b555c08c806b6aa112b5eb079adfedf01285db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
2905732
edge-cache-tag
495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
115
expiration
expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
27248
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100039-IAD, cache-lga21930-LGA, cache-iad-kjyo7100043-IAD, cache-mxp6931-MXP
last-modified
Fri, 15 Sep 2023 21:01:09 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=41106,owidth=1000,oheight=668,obytes=535178
x-timer
S1698920510.641888,VS0,VE0
etag
"4da26575e1978428f0b62597ca689e9e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 3477, 3
1401403388__xkcuLzhS.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1401403388__xkcuLzhS.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a6d5c256ddcd644ace835157e76f8f4bd50f6a066739842d081cc3f289ec8936

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1401403388__xkcuLzhS.jpg
age
2612038
edge-cache-tag
303266524501316527564676891389704434410,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
303266524501316527564676891389704434410,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
106
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
24490
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100100-IAD, cache-iad-kjyo7100100-IAD, cache-lga21977-LGA, cache-iad-kcgs7200137-IAD, cache-mxp6931-MXP
last-modified
Wed, 06 Sep 2023 05:24:43 GMT
server
nginx
surrogate-reporting
width=920,height=460,owidth=2120,oheight=1414,obytes=1219974
x-timer
S1698920510.651580,VS0,VE1
etag
"f37fb0db3a85bf2f9b70abba6bd70bec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 14, 1
c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06a66363c25f5d4bc424e88806c4a20ff8ecbeda18b5df83fc93e6232076abee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
age
3878022
edge-cache-tag
631347976359316422353633311561679458810,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
631347976359316422353633311561679458810,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
463
req-referer
https://www.st-georg.de/
content-length
28292
x-request-id
7b8e30df1cea6f1c130b2648f51841e1
x-backend-name
US_nlb105
x-served-by
cache-iad-kiad7000145-IAD, cache-iad-kiad7000057-IAD, cache-iad-kiad7000094-IAD, cache-mxp6931-MXP
last-modified
Wed, 13 Sep 2023 17:45:33 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=38063,owidth=2000,oheight=1330,obytes=517450
x-timer
S1698920510.651579,VS0,VE1
etag
"3da44e042e046e84e56f618d1e4a16ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 180, 1
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
28a3320749440ee186044135d5f8df9d013ee44e3056ef87abc0edac2e80757d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
3716632
edge-cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
26
req-referer
https://games.espn.com/
content-length
8202
x-request-id
7566a54d52f59e01fec20137eda07cf6
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000089-IAD, cache-sna10744-LGB, cache-iad-kiad7000113-IAD, cache-mxp6931-MXP
last-modified
Mon, 11 Sep 2023 14:19:17 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=19552,owidth=1200,oheight=800,obytes=384488
x-timer
S1698920510.671893,VS0,VE1
etag
"2ab09194cbfd18a791103c6697590d5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 187, 1
e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c9a5f3005490dd4abb9221f32ea477f75f8f1cea796475943cfdb009800b2b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8fa7d5c1b7b6f7685b6939c0bc0dd8d.jpg
age
4373002
edge-cache-tag
524045688705450490749057790898853645799,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
524045688705450490749057790898853645799,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
249
expiration
expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://conservativeinstitute.org/
content-length
43366
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100147-IAD, cache-iad-kjyo7100147-IAD, cache-sna10730-LGB, cache-iad-kcgs7200109-IAD, cache-mxp6931-MXP
last-modified
Wed, 30 Aug 2023 16:07:16 GMT
server
nginx
surrogate-reporting
width=1200,height=666,owidth=1200,oheight=700,obytes=384452
x-timer
S1698920510.685950,VS0,VE5
etag
"29609538f8fbd06b471459db8540a475"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 65, 1, 126, 1
1401403388__xkcuLzhS.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1401403388__xkcuLzhS.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d213374d9ffac1293cd81335453a6a468d1b220fd336c22ebd0e6deb0c31fa48

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1401403388__xkcuLzhS.jpg
age
1306676
edge-cache-tag
303266524501316527564676891389704434410,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
303266524501316527564676891389704434410,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
149
req-referer
https://ffxiv.consolegameswiki.com/
content-length
26346
x-request-id
8dc3b5cc80c6c74deecc8d9b4b66c04b
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100106-IAD, cache-iad-kjyo7100029-IAD, cache-chi-klot8100114-CHI, cache-iad-kcgs7200118-IAD, cache-mxp6931-MXP
last-modified
Tue, 17 Oct 2023 04:45:18 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=42864,owidth=2120,oheight=1414,obytes=1219974
x-timer
S1698920510.686092,VS0,VE2
etag
"6dd87220047ddb25a8507f35667ac97c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 11, 1
9a4ecf5109be16031d28e9a01fadb46f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c6a50b9cbac5c91708b0dcf9cae3c3165d2569040cec6d4cb6a111be6929bf0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
age
6231103
edge-cache-tag
628202487412726569341509448001726198285,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
628202487412726569341509448001726198285,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
224
expiration
expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tips-and-tricks.co/
content-length
18892
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-lax10667-LGB, cache-iad-kjyo7100029-IAD, cache-mxp6931-MXP
last-modified
Mon, 14 Aug 2023 17:32:39 GMT
server
nginx
x-timer
S1698920510.702992,VS0,VE3
etag
"d32c7f0a00691d25e92fe62e483686f3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 27, 1, 318, 1
2019c936c024fa6fda3c941fa067ea81.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1f092f6197eacc2363e809fd2dc07638f8a9859883130d144ca74903027b870

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2019c936c024fa6fda3c941fa067ea81.jpg
age
4324089
edge-cache-tag
495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
495917111911929012461748354836139372250,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
243
expiration
expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.orovillemr.com/
content-length
93950
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200092-IAD, cache-iad-kiad7000068-IAD, cache-iad-kjyo7100020-IAD, cache-mxp6931-MXP
last-modified
Thu, 17 Aug 2023 04:36:39 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=668,obytes=535178
x-timer
S1698920510.716817,VS0,VE1
etag
"fd2cfe471f8e594719367f0536a90b0a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1058, 1
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg5MjA1MDk2MjksInBhY2tldElkIjoiMDAwMEE3MDEtZDJiMjZlMDQtMGZiYy00NTkxLWI0ZmYtZWMxMWRmYzQwMjhkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1LXJlbi1sYW4td2FuZy1zaGVuZy1kYW4tZGEtemhhbi1waW5nLWp1bi1waWFvLWppZS1wby0ybW8tMS16aGUtY2hhbmctcnVvLXF1LXhpYW8tbmJha29uZy1wZWktMTF5aS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3992.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg5MjA1MDk2MzQsInBhY2tldElkIjoiMDAwMEE3MDEtZDJiMjZlMDQtMGZiYy00NTkxLWI0ZmYtZWMxMWRmYzQwMjhkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1LXJlbi1sYW4td2FuZy1zaGVuZy1kYW4tZGEtemhhbi1waW5nLWp1bi1waWFvLWppZS1wby0ybW8tMS16aGUtY2hhbmctcnVvLXF1LXhpYW8tbmJha29uZy1wZWktMTF5aS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3998
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg5MjA1MDk2MzgsInBhY2tldElkIjoiMDAwMEE3MDEtZDJiMjZlMDQtMGZiYy00NTkxLWI0ZmYtZWMxMWRmYzQwMjhkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1LXJlbi1sYW4td2FuZy1zaGVuZy1kYW4tZGEtemhhbi1waW5nLWp1bi1waWFvLWppZS1wby0ybW8tMS16aGUtY2hhbmctcnVvLXF1LXhpYW8tbmJha29uZy1wZWktMTF5aS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4001.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3320146534112779&correlator=2754927233693432&eid=31079299%2C31079291%2C31079234%2C31079240&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&arp=1&abxe=1&dt=1698920509648&lmt=1698920509&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=299927836.1698920509&ga_sid=1698920509&ga_hid=1326638089&ga_fc=true&dlt=1698920508161&idt=720&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_3_0_pv%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54bbe241a665de61a2a8f65551a1ace94d98484dcfd61c7b10eda934c7770ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15718
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449154837
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_page_level_ads.js?cb=31079291
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a19b3a770a433295ec7c946e9a2d4d263489be69ebab4d54aafb13ecd9d337b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
81870
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13755
x-xss-protection
0
server
cafe
etag
4541188775071356988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 11:37:19 GMT
truncated
/ Frame 83B9 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
552effdda2d28707a0fdb52be2b71537d322288cb013e5a06d2025137f8fd3ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 83B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTNDb1m_FVpvlw4zx_vXKmzZDCy33b5xXA5WLTyjuGpsnigkxP39uir9eTddbhdxP_SExxvEQcuj-3GKGkuYAcADEi90bkerqUbeo1YgrFyXp3uD0m36ijtfsuA5ePuMbnEhqHFQDd4QqfoM4DBcllEniEpZZXTgREFdopy3i_WtIEYn0aJj_y_oczMXdtN0s_beHu7IxQtCKfTkifoBOBJWhcnvw5iuxwoD_Xsx-z7gBxIZQjILB9CffeCLXTf5pTeqvnaa5NCYLWsK9zRnol4XcEKB7pArzVAPZEi6kpGi9goDh56xtxxZm1VtMhcRhObbej&sai=AMfl-YSK--ygg-GEnqZL5Nz6EDz3VLAiPyIpHYv8pm4RbOwZ84kxzcj-dXBXIwH01K8SCJQTA3qjvhPPHzs8n3EKt5_wtU3fWLsDqYI3cK2MW8ZGV3Fsj2j5d8CjpDYQC8x2-bH2pEIl-UuSCOfGaNKU&sig=Cg0ArKJSzJ4bBXXeE2C4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Nov 2023 10:21:49 GMT
impress
ad.vidverto.io/delivery/ 		56 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&referrer=&async=1&uid=4571516918&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
35a456356fd73efae3ec0974b70ed27735c023868fecf1d5c69b16a8934c3e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg5MjA1MDk2MjksInBhY2tldElkIjoiMDAwMEE3MDEtZDJiMjZlMDQtMGZiYy00NTkxLWI0ZmYtZWMxMWRmYzQwMjhkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1LXJlbi1sYW4td2FuZy1zaGVuZy1kYW4tZGEtemhhbi1waW5nLWp1bi1waWFvLWppZS1wby0ybW8tMS16aGUtY2hhbmctcnVvLXF1LXhpYW8tbmJha29uZy1wZWktMTF5aS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4089.2000045776367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B9B2 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8be39d4faeded8802a3cf504aa860d41b2cf5c1c40223879b0da41d32854f348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29846
x-xss-protection
0
server
cafe
etag
671 / 19663 / m202310250101 / config-hash: 9369610358558058957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:49 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.4/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a10026a5515532bc83d5cc40f634aaca4ee39b21ae46ab1edcfd12f8e90396d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 57fd498ade4153c5e3d48ab14f417dd6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP53-P3
age
27752
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35015
x-served-by
cache-mxp6970-MXP
last-modified
Thu, 02 Nov 2023 01:19:16 GMT
server
AmazonS3
x-timer
S1698920510.948261,VS0,VE0
etag
"b47108d5ce64f616cbca39ef75fd8496"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
SreRPPEh8vpGBd_iSVGkGgE13bPBzWg3omURoUVdKv1YvlQfyvnobw==
x-cache-hits
2332
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231102
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a34e11ebf0ce5dc89f255eaba05379c048b35c2e259f719162caf48ba2fbdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8725
x-jsd-version
1.0.1861
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mad2200122-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-vDp1B9kyqfR0sTbk/GuzmQvMMt8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqXuyhvfOtKB8DJ8QADKwgfcAR%2BMlUa4jZYxsT1hcUu9vkGxECANOp6xLBBu2uqMp9gc2bBWcuLgd8gY73k4HKF2jeqybwSY6AzS76vJ82vx7f6nwfIDbndKFJHhVa%2BGlSqCIm%2FsZ9FQ7%2BqOTSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81fba7232a560488-CDG
adreq
ads.servenobid.com/ 		592 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4797
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
054f22e1b60b2dcfbae3950103b79391c61fd34578708a1213dedbf9ec0e2ff9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81fba7232ad93b5e-GVA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.106.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-106-17.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d52650c2466b3ad8cf49c0ef9ff4f33e4f1088915fe619b7bb1f96e6adad1038

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 02 Nov 2023 10:21:50 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid-request
onetag-sys.com/ 		15 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e110a36c3a06771857df3aba5ae2d20a3d3e0c39bb2d68ba6eb10afeabb8e6c3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
130
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Nov 2023 10:21:49 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e9e2e59e882650c46b24b4d970120661ab38b9452a6937c9f73c97cfde8682

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jaypvg8IpzOFYC1yLdK6%2BUDYOozR%2FTYhXNFg%2Bpn%2By4DO20zrq0PXp5fyLJfqItfwO%2BV7bq5DJDQEMP7x2hZKCKqzIxQgkN9pZEGHPqDlXQhHvN9ppGJRInGeQatHag%2BtO4jZNkrG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81fba7232d61020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e9e2e59e882650c46b24b4d970120661ab38b9452a6937c9f73c97cfde8682

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDU0ILbEtOyPcwrQ%2Fo2hw0tKhqK7uMZhN%2FIs2srczfg4wXj36NeVA1VwizGHYAT%2FW%2FHmSfnvgCauUzd7lTe4k0IKXfWqdnKsbiQX9zq5OsIZZGZODC6nuzT06ojxglDTITpCvaKy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81fba7232d5e020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
7a119654cb28db513c388b417aaff30ea6aea5003c1a3fffb8e633200ed30c69

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.20.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-20-252.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=54875366774&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ca790105e43062bca900ea8fa23a5e3b5c90b8de733830b6ea44ae2fdcd33eb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
an-x-request-uuid
e089c244-28ab-44cd-a598-07057f0f88bf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 02 Nov 2023 10:21:49 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.199.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-199-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
9
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1ea2943fd4b504cac8a83778b97e03ef2be6aa863a8549bed8dcd55f83840dd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		437 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=5ff56fd3-bba8-4317-b99f-f049bd1493e4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%B9%96%E4%BA%BA%E3%80%81%E7%B1%83%E7%B6%B2%E8%81%96%E8%AA%95%E5%A4%A7%E6%88%B0%E5%B9%B3%E5%9D%87%E7%A5%A8%E5%83%B9%E7%A0%B42%E8%90%AC1%E9%80%99%E5%A0%B4%E8%8B%A5%E5%8F%96%E6%B6%88NBA%E6%81%90%E8%B3%A011%E5%84%84&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=7f027842-f363-4ed9-9f9f-50adf923cf6a&l_pb_bid_id=508b976226d9698&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7f027842-f363-4ed9-9f9f-50adf923cf6a&rp_maxbids=1&slots=1&rand=0.6352188891069235
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ac22cb6c35367aaa4f61f7e556432fd178dba644e07aaf21020ca86bf430ae3a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
437
expires
Wed, 17 Sep 1975 21:32:10 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Nov 2023 10:21:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 209C 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a98b7cf286df8a90047d57e609a44aa2b2afd526d0c159d172817392718beb38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52278
x-xss-protection
0
server
cafe
etag
6719767642132079359
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:49 GMT
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1681%7D%22%2C%22eventTime%22%3A1698920509840%7D&tim=11%3A21%3A49.840&id=8868&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.0625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A21%3A49.855&id=770&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A21%3A49.866&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7383&cv=20231101-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
87649
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 08:39:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Nov 2023 10:21:49 GMT
spa-detector.20231101-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231101-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29f22d0f57055a4afa29dff3f39af25b02b68c88138a4fb7a5ce01fa12a69c3e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
v4JMz_IcloKr4xRCLtxFyIUm0i60jVWs
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:49 GMT
x-amz-request-id
RHPMA7XVYYAMDVPY
age
524
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
vKdT0cvq9k/0MCbALyE2f0WjdmL240P/dnho7J+tX/pMigSHwQjKN2peQ4X728Ij4wWa9h14NpQ=
x-served-by
cache-mxp6931-MXP
last-modified
Thu, 02 Nov 2023 10:13:06 GMT
server
AmazonS3
x-timer
S1698920510.879948,VS0,VE0
etag
"85f043d291fccad973963675a075d2be"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
457
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A21%3A49.867&id=3822&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1698920509869%7D&tim=11%3A21%3A49.869&id=2097&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A21%3A49.871&id=5081&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi48=11657&tvi50=9058&lti=deflated&ri=ac9b51874e624e7a17f679c08e8aedfb&sd=v2_2cb62fa878092f1d9af1278499b1bcce_02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc_1698920508_1698920508_CNawjgYQ2YJdGNHatvy4MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&pi=/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&wi=3383238750344251228&pt=text&vi=1698920508753&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1698920509872%7D&tim=11%3A21%3A49.872&id=5755&llvl=2&cv=20231101-5-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
onetag-sys.com/usync/ Frame 9F46 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
3db4999c8da51baa4c34ea00cb916667b6df1e51e06411681f90c35f440ee430
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1435
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127418
x-xss-protection
0
expires
Thu, 02 Nov 2023 10:21:50 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 02 Nov 2023 11:21:49 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 02 Nov 2023 11:21:49 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=e9e473fc2e9f74fc0cb5df55bbbaeb3f
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 15:16:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65368e64-16141"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 02 Nov 2023 11:21:49 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 02 Nov 2023 11:21:49 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 02 Nov 2023 11:21:49 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=3dc0edf3-0f99-40c9-8368-7a0a8c21b5d0&p_id=23
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=3dc0edf3-0f99-40c9-8368-7a0a8c21b5d0&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=3dc0edf3-0f99-40c9-8368-7a0a8c21b5d0&p_id=23
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f415c98d-f000-4f74-8052-d8d05d56b8e6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f415c98d-f000-4f74-8052-d8d05d56b8e6&gdpr=0&gdpr_consent=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-ebecRL2hmk_Sd271iLbmKvLahZ__aOVbNwaJzw&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=650e328f-9a59-41ee-9574-4c21fdbf254d&p_id=15
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=650e328f-9a59-41ee-9574-4c21fdbf254d&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=650e328f-9a59-41ee-9574-4c21fdbf254d&p_id=15
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:49 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Thu, 09 Nov 2023 10:21:49 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/ Frame B9B2 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
82494
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135100
x-xss-protection
0
server
cafe
etag
11278338207436733902
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 31 Oct 2024 11:26:56 GMT
img
sync.mathtag.com/sync/ Frame 9F46 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x11 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:50 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x11 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 02 Nov 2023 10:21:49 GMT
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-1N-72WP&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-1N-72WP&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-1N-72WP&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=553898122509061949
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=553898122509061949
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
an-x-request-uuid
affef30f-0c33-43b3-ac41-480f074221bb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=553898122509061949
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698920510210042-422
Expires
Thu, 02 Nov 2023 10:21:50 GMT
tap.php
pixel.rubiconproject.com/ Frame 9F46 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9F46
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-NspuwUdXZXMZfv9Xwr0mqsWXle-TIpA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-NspuwUdXZXMZfv9Xwr0mqsWXle-TIpA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-NspuwUdXZXMZfv9Xwr0mqsWXle-TIpA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6075063565185387860
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6075063565185387860
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6075063565185387860
date
Thu, 02 Nov 2023 10:21:50 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 9F46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 9F46
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AXRVFT02D7C7W2X2X5JK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUJBQzRBOEItQ0M2OC00N0EzLTk0N0ItNDhGRDM5MTlBQjhD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
date
Thu, 02 Nov 2023 10:21:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
date
Thu, 02 Nov 2023 10:21:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 9F46 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 9F46
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=650e328f-9a59-41ee-9574-4c21fdbf254d&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fd...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=650e328f-9a59-41ee-9574-4c21fdbf254d&r=https%3A%2F%2Fx.bidswitch.net%2Fsy...
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=9c862516-bac4-4675-8fc3-65c5834d9915&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d
  • https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame 9F46
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s&p_id=5
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s&p_id=5
date
Thu, 02 Nov 2023 10:21:50 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/ Frame 209C 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df2fb88411f13bab86aef52f75c74855c21e8d8d5e8069d0cf8d05a6367c92bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138532
x-xss-protection
0
server
cafe
etag
5813487970940454099
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/ Frame 6B1F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
72532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 14:12:58 GMT
etag
251720774729838433
expires
Wed, 15 Nov 2023 14:12:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:48:18 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2012
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
II-0fh1fjO_SCtehV1yQV3Ztkjm53VKps5RZeQHhCIQXB8UOU_FFIg==
bid-request
a.teads.tv/hb/ 		16 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 02 Nov 2023 10:21:50 GMT
prebid-request
onetag-sys.com/ 		23 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
44040a3b5df73f75e3461309d429f7536053b0f512bd4691e2248b595e0050f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
15756
hbjson
grid.bidswitch.net/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.106.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-106-17.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
45a3ef1f71e7d6ac001a0f5cc25a5b2baf3886709af0c8e59dd3652325bb6110

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 02 Nov 2023 10:21:50 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
13496
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.199.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-199-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
12
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b443b4a8812d806f605d1cd05d8a32344d62373ecb16f0bf259bdce3fa3966f4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:49 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
41
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Nov 2023 10:21:50 GMT
prebid
ib.adnxs.com/ut/v3/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
47937bc2ee4b210caec199a6f2a6e5da90f8da18ed4a88293434f0da1039e594
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
an-x-request-uuid
3db1406d-53a4-40d0-ba05-06737d26dcfb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe46eed5d8efd357c64530f0c42ff590be04b8288dccd5a0c5a68629fd29194

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VY8tASAdiuLBZBQz6mqYfD3P5Cl5NsJV27PgSMe3UNIpR7%2Fb%2BlfoIw2aW8u0fC9f9gOo5yARbNTBvTSaNJ3ra5C7pcAl2Xz3VBNm8P%2FwFH3v%2FcEWStdDUrfMWIZXKm6oggB4ZF9%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81fba7249fb0020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe46eed5d8efd357c64530f0c42ff590be04b8288dccd5a0c5a68629fd29194

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWQqwwXOpiDIbMJfC1PtzFWaQs4ejVIRc7bbkazY2BZn261GIs19F4ICjI9xbIVKXjg9IKeuLyVKTwR1vDVesGpc9vGurVXeC2K51fsSv%2Foi0FLo8Oa5fPRIVo0IVvgKGP2G%2FPro"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81fba7249fb9020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe46eed5d8efd357c64530f0c42ff590be04b8288dccd5a0c5a68629fd29194

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLQBY06e6XNepi%2FtDO47nspQ1fD1%2F6cc3qbFsq36xigcj0Mf8AD%2FkT%2FpjUO7Yu5iyM4m5Lq0b%2FzDSt6hX%2Fjudh7mMUj1FjPH2td6AmbHwZ%2FaJ85OPta0Y%2BwmNudOB6AIvi6lJOYr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81fba7249fba020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
1d91ff6fc15a9243de88237009b60ccd54246d958c88f55e151d0c412b08243b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:50 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.20.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-20-252.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81fba7249bb33b5e-GVA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
3c8c8908c576eed86b6180af71ae2d76a60e55e81b39f67f83c769ecdefd336f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		424 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=5ff56fd3-bba8-4317-b99f-f049bd1493e4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%B9%96%E4%BA%BA%E3%80%81%E7%B1%83%E7%B6%B2%E8%81%96%E8%AA%95%E5%A4%A7%E6%88%B0%E5%B9%B3%E5%9D%87%E7%A5%A8%E5%83%B9%E7%A0%B42%E8%90%AC1%E9%80%99%E5%A0%B4%E8%8B%A5%E5%8F%96%E6%B6%88NBA%E6%81%90%E8%B3%A011%E5%84%84&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=b524a948-04d5-4758-9e0c-cddf337d8302&l_pb_bid_id=8400bc30a932871&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b524a948-04d5-4758-9e0c-cddf337d8302&rp_maxbids=1&slots=1&rand=0.5628456476113184
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
afe35b82edcc811190b69443a6b74152202b5b88cf2a554a91abc821fe1c4702

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		592 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2649
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b3a9de63e2b549859d74808cac442cb1f88228f79311857bbc69129232770115

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=60602798618&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
css2
fonts.googleapis.com/ Frame F19F 		4 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 08:33:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Nov 2023 10:21:50 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame F19F 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:40:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
74462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8600
x-xss-protection
0
server
cafe
etag
14061149270319446037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:40:48 GMT
usync.js
eus.rubiconproject.com/ Frame 74B0 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 01:53:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55913
Connection
keep-alive
Content-Length
11104
Expires
Fri, 03 Nov 2023 01:53:43 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
a1551001.js
js.genieessp.com/t/551/001/ Frame 2E64 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/551/001/a1551001.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:10:59 GMT
server
nginx
etag
W/"65016e93-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Thu, 02 Nov 2023 10:36:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E64 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:52 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odS1yZW4tbGFuLXdhbmctc2hlbmctZGFuLWRhLXpoYW4tcGluZy1qdW4tcGlhby1qaWUtcG8tMm1vLTEtemhlLWNoYW5nLXJ1by1xdS14aWFvLW5iYWtvbmctcGVpLTExeWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWQyYjI2ZTA0LTBmYmMtNDU5MS1iNGZmLWVjMTFkZmM0MDI4ZCIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMDU2OWYzNDQtNDc2MC00ODdlLThjZTQtMjJiYTRlYjYwNjI3IiwidGltZU9mQXVjdGlvbiI6MTY5ODkyMDUwOTc2MiwiYmlkcyI6W3siY3BtIjowLjA4MDM2NywiYWRJZCI6Ijg5YjRmNWQ2Zjk3MGQ5YiIsIm9yaWdpbmFsQ3BtIjowLjA4MDM2NywiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDA4MDM2NywiZm9ybWF0VHlwZSI6Im5hdGl2ZSIsInJlc3BvbnNlVGltZSI6NTA2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODkyMDUxMDMxNX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhcHBuZXh1cyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODliNGY1ZDZmOTcwZDliIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA4MDM2N31dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4813.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
st
imprammp.taboola.com/ Frame DD6E 		577 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1698920510465&uv=3352&tms=1698920510465&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9c020041-53a9-49bc-aab3-1a11038428e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5944725d92fa4d612abe0360e8bc3c7fd9880bb5f37d15e731f3d49be1cadb9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 02 Nov 2023 10:21:50 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6931-MXP
x-timer
S1698920511.507483,VS0,VE24
sync
am-match.taboola.com/ Frame D2F8 		577 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b5944725d92fa4d612abe0360e8bc3c7fd9880bb5f37d15e731f3d49be1cadb9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 02 Nov 2023 10:21:50 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1698920510472&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1565&pt=1674462963&tz=60&viewable=true&ddast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fa8cc5864981df7c04184f215bb13c031ee928376bcc8b3406eaaf47180d23e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1420
x-cache
MISS
x-served-by
cache-mxp6931-MXP
pragma
no-cache
server
nginx
x-timer
S1698920511.504009,VS0,VE50
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:50 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
prebid-request
onetag-sys.com/ 		15 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
khaos.json
token.rubiconproject.com/ Frame 74B0 		7 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
pixel;r=685057898;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html;uh=e51ed67dfb8d9...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=685057898;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-189277612-1698920510127;pbc=5ff56fd3-bba8-4317-b99f-f049bd1493e4;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1698920510555;tzo=-60;ogl=;ses=f1128e6b-6a2f-4aca-bb91-296f53586fd6;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 483B 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30250ceb5c467758fa9a69dc03bd46371d10d66f6b9607afc689230b9da01a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16336
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:51 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3320146534112779&correlator=2424470944236514&eid=31079299%2C31079291%2C31079234%2C31079240&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&arp=1&abxe=1&dt=1698920510649&lmt=1698920510&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsmJC99OtajFHD90FU8dH90X0785ouFriVetq0zB6ncxiJ2xwhqYcd0Nl5I08bfrGVhXw-7JxKA2UQyns9xUdqU&ga_vid=299927836.1698920509&ga_sid=1698920509&ga_hid=1326638089&ga_fc=true&dlt=1698920508161&idt=720&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_3_0%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_native_image%3Dhb_native_image%253A89b4f5d6f970d9b%26hb_native_linkurl%3Dhb_native_linkurl%253A89b4f5d6f970d9b%26hb_native_body%3Dhb_native_body%253A89b4f5d6f970d9b%26hb_native_title%3Dhb_native_title%253A89b4f5d6f970d9b%26hb_ap_format%3Dnative%26hb_ap_pb%3D0.08%26hb_ap_adid%3D89b4f5d6f970d9b%26hb_ap_bidder%3Dappnexus%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A89b4f5d6f970d9b%26hb_native_image_appn%3Dhb_native_image%253A89b4f5d6f970d9b%26hb_native_body_appne%3Dhb_native_body%253A89b4f5d6f970d9b%26hb_native_title_appn%3Dhb_native_title%253A89b4f5d6f970d9b%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e9e55198296a8d4ccbacd8b95d4ec9fa03e13cea7ef3bc8c5873edd6c8e9be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11390
x-xss-protection
0
google-lineitem-id
5317549437
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305001114
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame B9B2 		492 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2241724623878130&correlator=127061074989937&eid=31079298%2C31079303&output=ldjh&gdfp_req=1&vrg=202310250101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1698920510674&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=wdah7y23q483&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMmjtJpHZpm1k8ZNWLgNDeCFQez0DEwEPa3RuJalBaFyzYkexO9aZYzqmjRvIxdHKJeTFEQ3hNfAvCRgnjjHjQwGt-HOp-n_DCEgOb6_GVjDXA06tfo_eO65mLrTndUWqHH90BcEeKI-YIhhmTEmIhM_KlphCY0T1QMXlDlaWFQlBfUQHiW19LsO93PhCfZ6eUVu9c5S4c4dlrlZh3o&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1381801739.1698920511&ga_sid=1698920511&ga_hid=307898481&ga_fc=false&dlt=1698920509726&idt=668&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0f91b07e19b8eb7435d9194690aea26731eeb0228596c3867909261323ef275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B9B2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc41a1391918f2147009204a59b35add8ca0ef53935bc8c6c43228826a845f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12327
x-xss-protection
0
container.html
3175cde3d0f4452140400cda74adb5b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E3B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3175cde3d0f4452140400cda74adb5b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:50 GMT
expires
Fri, 01 Nov 2024 10:21:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odS1yZW4tbGFuLXdhbmctc2hlbmctZGFuLWRhLXpoYW4tcGluZy1qdW4tcGlhby1qaWUtcG8tMm1vLTEtemhlLWNoYW5nLXJ1by1xdS14aWFvLW5iYWtvbmctcGVpLTExeWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWQyYjI2ZTA0LTBmYmMtNDU5MS1iNGZmLWVjMTFkZmM0MDI4ZCIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJiOWVlMjg4My00MzU0LTRmZDAtYTljNS1kY2FiYWU3N2UyN2MiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk4OTIwNTA5ODMyLCJiaWRzIjpbeyJjcG0iOjAuMDMyMjQ3MTQzMTc1LCJhZElkIjoiOTFiNmUyYmQ2MDFmYzc1Iiwib3JpZ2luYWxDcG0iOjAuMDMyMjQ3MTQzMTc1LCJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDAzMjI0NzE0MzE3NSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MjAyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODkyMDUxMDM2MH0seyJjcG0iOjAuMDgwMzY3LCJhZElkIjoiOTJhYzg3NjJkNjUzMjJiIiwib3JpZ2luYWxDcG0iOjAuMDgwMzY3LCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDgwMzY3LCJmb3JtYXRUeXBlIjoibmF0aXZlIiwicmVzcG9uc2VUaW1lIjoyOTAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTIwNTEwNDUyfSx7ImNwbSI6MC4wMjg3NjQsImFkSWQiOiI5NGIyNGFmYTM3OGNhZTYiLCJvcmlnaW5hbENwbSI6MC4wMzM4NCwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDI4NzY0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1NDgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4OTIwNTEwNzA3fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFwcG5leHVzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI5MmFjODc2MmQ2NTMyMmIiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDgwMzY3fV0sImNvdW50cnkiOiJDSCJ9&c_b=5075.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
generic
match.adsrvr.org/track/cmf/ Frame DD6E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1698920510465&uv=3352&tms=1698920510465&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9c020041-53a9-49bc-aab3-1a11038428e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame DD6E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1698920510465&uv=3352&tms=1698920510465&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9c020041-53a9-49bc-aab3-1a11038428e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36367

Redirect headers

date
Thu, 02 Nov 2023 10:21:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
content-length
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_2/infra/ 		813 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_2/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
dc0846f9c62f7dc8c09a38aa7588488b2bc89edd391c20c806f0bf23882ddc28

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698746639
date
Thu, 02 Nov 2023 10:21:50 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
1HT1RKS3FJE9TJ1A
age
173732
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698746639
x-amz-meta-mode
33188
content-length
134841
x-amz-id-2
trwt74JaZ8a2JO9H8FYzrP6BKljBC3eSbvRbTf/R4ZTkaB6mTYoKAmmFj1+wTCokyI1mYTrcdW4=
x-served-by
cache-mxp6970-MXP
last-modified
Tue, 31 Oct 2023 10:04:01 GMT
server
AmazonS3-br
x-timer
S1698920511.766250,VS0,VE0
etag
"7d1f2cda965940c4c2a84510576d3427"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
33401
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_2/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_2/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698746657
date
Thu, 02 Nov 2023 10:21:50 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HZT93RG67JEPGBNF
age
173734
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698746658
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
3trwzYjTKPPFp7NW6y8YnA2LbmZSS21CUBlL6mkibGD9Hqae3/IUfny94YDZKca7wxNwd8eN7vs=
x-served-by
cache-mxp6931-MXP
last-modified
Tue, 31 Oct 2023 10:04:19 GMT
server
AmazonS3-br
x-timer
S1698920511.766505,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
42251
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=5906&tvi48=11657&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
87
date
Thu, 02 Nov 2023 10:21:50 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
73488
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6931-MXP
pragma
no-cache
server
nginx
x-timer
S1698920511.794487,VS0,VE87
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame D2F8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D2F8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36367

Redirect headers

date
Thu, 02 Nov 2023 10:21:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 74B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOH1ENG5-O-8APL
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOH1ENG5-O-8APL
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Thu, 02 Nov 2023 10:21:51 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3320146534112779&correlator=1785994526463275&eid=31079299%2C31079291%2C31079234%2C31079240&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&arp=1&abxe=1&dt=1698920510777&lmt=1698920510&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsmJC99OtajFHD90FU8dH90X0785ouFriVetq0zB6ncxiJ2xwhqYcd0Nl5I08bfrGVhXw-7JxKA2UQyns9xUdqU&ga_vid=299927836.1698920509&ga_sid=1698920509&ga_hid=1326638089&ga_fc=true&dlt=1698920508161&idt=720&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_3_0%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0%26ap_refresh_type%3DAV_3%26hb_native_image%3Dhb_native_image%253A92ac8762d65322b%26hb_native_linkurl%3Dhb_native_linkurl%253A92ac8762d65322b%26hb_native_body%3Dhb_native_body%253A92ac8762d65322b%26hb_native_title%3Dhb_native_title%253A92ac8762d65322b%26hb_ap_format%3Dnative%26hb_ap_pb%3D0.08%26hb_ap_adid%3D92ac8762d65322b%26hb_ap_bidder%3Dappnexus%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A92ac8762d65322b%26hb_native_image_appn%3Dhb_native_image%253A92ac8762d65322b%26hb_native_body_appne%3Dhb_native_body%253A92ac8762d65322b%26hb_native_title_appn%3Dhb_native_title%253A92ac8762d65322b%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
272db526f3970acd9ca9f8f91863187395ad59b884e155d1b709ceadd09139b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11387
x-xss-protection
0
google-lineitem-id
5317549437
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305001114
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame E04A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1698920510465&uv=3352&tms=1698920510465&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9c020041-53a9-49bc-aab3-1a11038428e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 10:21:50 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D94C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 10:21:50 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B9B2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Nov 2023 10:21:50 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 02 Nov 2023 11:21:50 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 5553 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
462791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Nov 2023 10:21:51 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 26FE 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 02 Nov 2023 10:47:46 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=yL538gMWdmPxvbYkj3VbbNAKdrtvp%2B%2Bz8WODCua%2Fq7P1ozKl7CWmpqpc09udkNh3Sz7%2Fezeswczt0B86otH5Nm6sBdpvxSIGXBf4vmbnKzFZEsONei%2BCXSshFzJ0znj7kQ0NJvMzzBWiA0HaZaQItQzCZfhYagt4uStwt2U7JVFYrXrhxplSQMapiufGxe%2BCB6zYaJC1MR14VIBB5dGRiHhW%2BHd8%2FHq9Z5a7eFYftjYll%2Fl5RytMG9AenaSdfdiNqPwn%2Fk%2BIQvA%2B0%2BSsBXETDgnId43dcYEpJ8jLp%2FsOXTL27RRUa3Ft%2Fl5EdSLQFbPMGiEfQTI3a9gnah%2BwH2VbfAEccW1MCD0hR5nEZ8m5EPrL%2Fn8z3d4JgpIk4ANY3DqPdH%2FYpa7x73Nlz6cMnkdsBUafq%2FHWDEYIrfruQPuHb74O7%2BjkezwYcb%2Bic%2Brne4wo3IvWoReu3tjI4tnbzU85XA2Zt9APzCimqN%2FfmKdSvOZKYErug%2FXobGLcWmtOwa3%2B7hCcY972wuoiBX9UddpdDjMFqo0L7YrLLQfu3%2B1FktCR60Qzzy31TFnJ65nTfiq3C39uUvl1zng03VTm7GQ3rw%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/ 		152 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 02 Nov 2023 10:21:51 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
usync.js
eus.rubiconproject.com/ Frame E04A 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 01:53:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55913
Connection
keep-alive
Content-Length
11104
Expires
Fri, 03 Nov 2023 01:53:43 GMT
usync.js
eus.rubiconproject.com/ Frame D94C 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 01:53:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55913
Connection
keep-alive
Content-Length
11104
Expires
Fri, 03 Nov 2023 01:53:43 GMT
pixel
cm.g.doubleclick.net/ Frame 74B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY3YTViYmMzODViZGQyNjgwYzBlNzQxYzliZmU3ZjFmNWM2N2MxYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY3YTViYmMzODViZGQyNjgwYzBlNzQxYzliZmU3ZjFmNWM2N2MxYw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY3YTViYmMzODViZGQyNjgwYzBlNzQxYzliZmU3ZjFmNWM2N2MxYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 74B0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1nBeCfmFQ5qzr1N0utsvkA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1nBeCfmFQ5qzr1N0utsvkA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1nBeCfmFQ5qzr1N0utsvkA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EC4PNJPAZHWNKFBNNYFW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1nBeCfmFQ5qzr1N0utsvkA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 74B0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7xvm0DjITjSXxWKOgpFw-Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7xvm0DjITjSXxWKOgpFw-Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7xvm0DjITjSXxWKOgpFw-Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GF769HH72XNYCS2Q4B1B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7xvm0DjITjSXxWKOgpFw-Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 74B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOH1ENG5-O-8APL
0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D51020B84C4342428CAC8DD2A4413731 Ref B: ZRHEDGE1014 Ref C: 2023-11-02T10:21:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJKMGU4qoFPcno3p6tLg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOH1ENG5-O-8APL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 74B0 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 74B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ubMnw8IQv_5jNBfoBBDQbA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eSRIxzZE2oJYW9bSsaoVi0ZcYfkF9DeEGcp3Og--~A
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eSRIxzZE2oJYW9bSsaoVi0ZcYfkF9DeEGcp3Og--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eSRIxzZE2oJYW9bSsaoVi0ZcYfkF9DeEGcp3Og--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 74B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9IMUVORzUtTy04QVBM
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO3i0ZuZom_-_TubO3YjO9M&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9IMUVORzUtTy04QVBM&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9IMUVORzUtTy04QVBM&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9IMUVORzUtTy04QVBM&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 74B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE-zYQgyxxEhd3uXATGN71k&google_cver=1
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE-zYQgyxxEhd3uXATGN71k&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE-zYQgyxxEhd3uXATGN71k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 74B0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEWQE7KhvAAABe7vLWZ2g&expires=30
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEWQE7KhvAAABe7vLWZ2g&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEWQE7KhvAAABe7vLWZ2g&expires=30
Date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 74B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LOH1ENG5-O-8APL
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
216.52.2.16 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:51 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOH1ENG5-O-8APL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 74B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOH1ENG5-O-8APL
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:51 GMT
an-x-request-uuid
10460484-96e6-43da-83a4-3d016f4d9463
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOH1ENG5-O-8APL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 74B0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1&expires=30
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1&expires=30
Date
Thu, 02 Nov 2023 10:21:51 GMT
Connection
keep-alive
X-CI-RTID
d4a56095-60b8-46e4-bf4b-61a12bee26eb
Content-Length
144
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 74B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOH1ENG5-O-8APL
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
18.195.255.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-255-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOH1ENG5-O-8APL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 74B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOH1ENG5-O-8APL
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOH1ENG5-O-8APL
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOH1ENG5-O-8APL
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
liveCS.php
live.primis.tech/live/ Frame 74B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOH1ENG5-O-8APL
0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2600:9000:2251:2e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:50 GMT
content-encoding
gzip
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
1HHLeJ0X0IiGYTtKE7rRjFp-lxX6Pt_0_Ed0N-pOSV01dtfiBzLKFQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOH1ENG5-O-8APL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 74B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOH1ENG5-O-8APL
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOH1ENG5-O-8APL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 02 Nov 2023 10:21:50 GMT
via
1.1 varnish
x-amz-request-id
DM4PFN0WZV5ZS5NS
age
10435
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by
cache-mxp6931-MXP
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1698920511.985373,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
70
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2647
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:adb4:94e5:4f5e:5116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvaHUtcmVuLWxhbi13YW5nLXNoZW5nLWRhbi1kYS16aGFuLXBpbmctanVuLXBpYW8tamllLXBvLTJtby0xLXpoZS1jaGFuZy1ydW8tcXUteGlhby1uYmFrb25nLXBlaS0xMXlpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaHUtcmVuLWxhbi13YW5nLXNoZW5nLWRhbi1kYS16aGFuLXBpbmctanVuLXBpYW8tamllLXBvLTJtby0xLXpoZS1jaGFuZy1ydW8tcXUteGlhby1uYmFrb25nLXBlaS0xMXlpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 01 Nov 2024 10:21:51 GMT
date
Thu, 02 Nov 2023 10:21:08 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
via
1.1 46c9f6285b432bb7ca825d1b5670a6b0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP64-C1
age
2088088
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-mxp6931-MXP
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1698920511.102158,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
GYJJg7cHa9StY_p8FziuGzT8rJ8lRYh0JE2SiZPd1FnWWMlxlyRlkA==
x-cache-hits
9030
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.5/ 		426 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2f7ed4e77c9ae0c81247f1868ff69ab63d0e7c9ada05cc79356d8f671cba3a0d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698746463
date
Thu, 02 Nov 2023 10:21:51 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
79K9WF29WSF46DEP
age
173974
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698746477
x-amz-meta-mode
33188
content-length
82073
x-amz-id-2
zMAuXI6O0U7Xw8oVva7WnMcAZPAQ8gG5I04E307k8n5Kn/Md0s24GaOWD5WXk/HOvsqSwJUuodE=
x-served-by
cache-mxp6970-MXP
last-modified
Tue, 31 Oct 2023 10:01:18 GMT
server
AmazonS3-br
x-timer
S1698920511.147902,VS0,VE0
etag
"70a1fab1aff95971a6240163950d2f7e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
52482
sync
am-match.taboola.com/ Frame CA8E 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b5944725d92fa4d612abe0360e8bc3c7fd9880bb5f37d15e731f3d49be1cadb9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 02 Nov 2023 10:21:51 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=31579697&cb=1698920511139&uv=3352&tms=1698920511139&su=3&abt=adxsub-out_vA!adxsub-out_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
content-length
0
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CB2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 09:49:32 GMT
expires
Fri, 01 Nov 2024 09:49:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7266 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
047b9efc511eeb39d7f27c02113422efb8cabbd580df881a4a93e25b7b24a705
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QL0PKdzmef9HSRBwmLUlWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QL0PKdzmef9HSRBwmLUlWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:51 GMT
expires
Thu, 02 Nov 2023 10:21:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 02 Nov 2023 10:21:51 GMT
via
1.1 3bbd9c639a192694d597e09ea3006bce.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MXP53-P3
age
1935329
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-mxp6931-MXP
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1698920511.284472,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
rwv7OLZdAtEftvukpuYs4xNlsLRSkpDbrV3q9Gctrh9YYok5D3MY9Q==
x-cache-hits
25862
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 483B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:41:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
2395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 09:41:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 483B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 13:29:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
75162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 13:29:09 GMT
l
www.google.com/ads/measurement/ Frame 483B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_AOH3YOlG4R5aHXYKJnqRL5KZL4gMOAnuLx4wewdigLTSOrr_2rx8napRzoA-PMwWzo77uW8sN55RC55AOtm_UMym0g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 483B 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:52 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 06:17:50 GMT
x-content-type-options
nosniff
age
446641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:55:47 GMT
x-content-type-options
nosniff
age
451564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127418
x-xss-protection
0
expires
Thu, 02 Nov 2023 10:21:51 GMT
generic
match.adsrvr.org/track/cmf/ Frame CA8E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame CA8E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
45164

Redirect headers

date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-VuOV3hZE2oRJm_ywpNyW4oIgTmjLHjd6_DIQbg--~A
content-length
0
khaos.json
token.rubiconproject.com/ Frame E04A 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
khaos.json
token.rubiconproject.com/ Frame D94C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
container.html
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B014 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:49 GMT
expires
Fri, 01 Nov 2024 10:21:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:49 GMT
expires
Fri, 01 Nov 2024 10:21:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/ 		100 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 02 Nov 2023 10:21:51 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
usync.html
eus.rubiconproject.com/ Frame 3752 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 10:21:51 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		270 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d334c561616a392daba46850f9c65d76d9e13f118f524147c8f80325eaaeaf53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91519
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Nov 2023 10:21:51 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:51 GMT
x-amz-request-id
HHY0NQ91R65HT3D9
age
919
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
1aLLj3wTF6Hb4QpDejMBZ+IhqWdnyRRAZC3aa69irK3RgvzcwGvLjH/ZFc60e1UY4gUBo215H64=
x-served-by
cache-mxp6931-MXP
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1698920512.628261,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
41
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2341
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231101-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 02 Nov 2023 10:21:51 GMT
x-amz-request-id
A6XD77SS1CMDSM72
age
10385
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
FSxV+8Hpz/6WkleYz3xquIzHKjbgxOmYAfNkOGLdUSjKradKSM07FyoFtz+tnbwAd2b/26VZ5MQ=
x-served-by
cache-mxp6931-MXP
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1698920512.628219,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
17
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1763
afr.php
ads.eu.criteo.com/delivery/r/ Frame 26C0 		53 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
736230b68637a100aa7b79381299d258c1d012c8fd2ce272a994f7d2870a379c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-4NfKEHBxizNWb1vd2M6OgoTa9dZ7GnK8Vb2vZRnpg7HTlbqLtVQBoX03JF3k5NCXgJP-aKOAIeHkFn0RbkTmrN5FrXxRJbi-hB-2nqYh3DT78alD2hsmsgZhkCtdBRaFpUYc5-V_7MMCRr1OqNxULeP0HJpwg8ag_8RJnPHuo760quvlFs8U5hwlYZ4XI-i5HSEfbypw0oWgKqNAWl3QLlf_AXmvgLYA8w0f_uYWNuadULQatVKnvrIEiCN4HAUnsKT2A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3097693
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2F08 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
28784
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 02:22:07 GMT
etag
48472445140208031
expires
Fri, 03 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 3752 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 01:53:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55912
Connection
keep-alive
Content-Length
11104
Expires
Fri, 03 Nov 2023 01:53:43 GMT
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 2E64 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1551001&cb=85485110519&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.13 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p013.net133186012.broadline.ne.jp
Software
/
Resource Hash
6ec6bb001d03a2a5cd58f057cbfd076f7c556e4eae33aba87296b6690479b685

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 2E64 		633 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/551/001/a1551001.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6529 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=14400
content-length
445
expires
Thu, 02 Nov 2023 14:21:51 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B014 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
82149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Oct 2024 11:32:42 GMT
native-trk.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame B014 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/native-trk.js
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f82c6dfd3fe1bc4eef0b0facc251264f2193ac0233bdfb87cf9d75aba8e8a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22504
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220045-FRA, cache-lcy-eglc8600066-LCY
x-jsd-version-type
version
server
cloudflare
etag
W/"2fce-wjD8EdtI/0k7sSEjTK6kjYlWuRs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujnCuGurWzlzumZYT3IaDkuRzHo9lw%2FTKoeH6ziWGKaoCduCEvJ4MOeji9n7SSbmLiECjISMSyz2uOnWnrWeg%2F51TZFkFL%2FZ%2BwntsehoVW1aYmtZw8I2gQYshFpgaQNnfJDbi8q7GkG%2BttGvYjc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81fba72e9e57f0f0-CDG
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B014 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:52 GMT
480_650.mp4
cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/ 		238 KB
239 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16646144-

Response headers

Date
Thu, 02 Nov 2023 10:21:51 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16646144-16890123/16890124
Connection
keep-alive
Content-Length
243980
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3F3E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 11:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
82149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Oct 2024 11:32:42 GMT
native-trk.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3F3E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/native-trk.js
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f82c6dfd3fe1bc4eef0b0facc251264f2193ac0233bdfb87cf9d75aba8e8a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22504
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220045-FRA, cache-lcy-eglc8600066-LCY
x-jsd-version-type
version
server
cloudflare
etag
W/"2fce-wjD8EdtI/0k7sSEjTK6kjYlWuRs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O40Nsi8wKghMyGC5UBIhtaybk2aWPpAXp7IzshH38%2FXOCLCwytn7kGGqsIHrhFNmnmtlysO3PLMILy%2F9TZeYDwbHbbqnhypJ2MefRaER%2Fv5X277L%2BqDYSTbg9UA0%2BWknkQC3oUoZs9cg8chkKUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81fba72e9e55f0f0-CDG
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F3E 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:21:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7266 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310250101&jk=2241724623878130&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JpKIWAsmmu2WfclJyy9Oj1lJN%2Fp4f9Gm3iqxx0za8bC%2Fh3HmZnfhWIFlNsjTNB1AEgLxoNJCLTzZ%2FDb0pBmYjL%2ByDHkLf7KJ%2BOBKEa2TJk5dbpr4d2Q%2BSaRedMIoW8cceaKinEMtDp25ZnHXFxWgYLBS%2B%2BhYLSrD4U1057zj%2B9gDGumXFgN...
ad.vidverto.io/delivery/video/pod/ Frame 5553 		52 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/JpKIWAsmmu2WfclJyy9Oj1lJN%2Fp4f9Gm3iqxx0za8bC%2Fh3HmZnfhWIFlNsjTNB1AEgLxoNJCLTzZ%2FDb0pBmYjL%2ByDHkLf7KJ%2BOBKEa2TJk5dbpr4d2Q%2BSaRedMIoW8cceaKinEMtDp25ZnHXFxWgYLBS%2B%2BhYLSrD4U1057zj%2B9gDGumXFgNrbyMWtVpAfkgBGyCUh2s0RZjuUuULo%2F7y9wLxEI6b4OoKEvn9gmORmiFV8QXS0fc5CfNK6%2BZUJiMar9yj0iC0RICLbvoJ2IwAeIUe9bRrOwpL47eicV0452f2XMMI8s%2Fn5R%2FjetnmblNkaoSgqSbIBdI4AoqN1LXK8r5I6WraaE8DTxtkMxzHg29Bu9r5YmwhpaOWHSjwQv3QDy9O7o4BY3UKexrC3b4XtOD72MgzS9o9hEtlnmP89FgFK5AGPHauGyXYjgofH83u%2FZvA9Jw4TGKLpmB79OF3M2%2BDtlLhzKUSOSeQ9ZNuL4OemDCSJ0hPCLN1uPNDvDdMjrO%2FqUKYlAkYnC2Y3%2FeQwOZ%2BEMuL81bgbnoOOUXMHfi5toguXkH%2Bd7%2BnQWAJ%2FbXod06J5oW4Lhlb5nPu%2BFzjv4BKBuwnvnHkPnrEYxPiG6rnfoRu57uGAKP1nLQe88J3vWXYNu0k7BJzfQ85jCeR3EedBK8cXu2w4dt7wyjvg7aA5WgUBtpvHGpE3UY3S6nOGRhWbGUawDeSv%2FUxY%2F%2FBRakf1dmoZqOrULUtKzEEItBaGb6%2F40ypQQFtN3oOuHRn83Unrvx2GxQSXatkFAyMMbNIITfJnZVJ4qTaDp7%2FSSHz39h%2BAmfvV%2FALDu%2BzmZx%2BObS%2BWp52l5hJUU8y8bzZ2A%3D%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4c04079e419d0cbfb51dce9be5377e38caeb2d0b3a849f4b6ea4c61bf69fb9fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Thu, 02 Nov 2023 10:21:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 54F1 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
462792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CF8A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 02 Nov 2023 10:47:46 GMT
/
pips.taboola.com/ 		4 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6970-MXP
date
Thu, 02 Nov 2023 10:21:51 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
truncated
/ Frame 483B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8f3ba06e0975b14eaded12da39f999898c474bde8d98578b57f4b4ef6aa947c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3au1v886690812&_p=1326638089&gcd=11l1l1l1l1&cid=299927836.1698920509&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698920512&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=%E6%B9%96%E4%BA%BA%E3%80%81%E7%B1%83%E7%B6%B2%E8%81%96%E8%AA%95%E5%A4%A7%E6%88%B0%E5%B9%B3%E5%9D%87%E7%A5%A8%E5%83%B9%E7%A0%B42%E8%90%AC1%E3%80%80%E9%80%99%E5%A0%B4%E8%8B%A5%E5%8F%96%E6%B6%88NBA%E6%81%90%E8%B3%A011%E5%84%84%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 3752 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2F08
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blZ0REtVdFkxUVl1UEs1&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&google_cver=1&google_push=AXcoOmSnYoeXM4CGEEL6akCzjMb4M2ecWNMIs8YqcK--Ofk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blZ0REtVdFkxUVl1UEs1&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&google_cver=1&google_push=AXcoOmSnYoeXM4CGEEL6akCzjMb4M2ecWNMIs8YqcK--OfkGzOEoJy0inrLhA-p_wZavY7Tr2yhkzg4eDRLayK2LJ6XIHPjTlgKv1eCKRGuyBI4l0s6sUjhem7SxyJmrcWolKJxWk5e6PSICO1fJ2f9KSZU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:51 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-066d8784b19149d32@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blZ0REtVdFkxUVl1UEs1&google_gid=CAESEI5upDCedFBBsQ3NODbEXTg&google_cver=1&google_push=AXcoOmSnYoeXM4CGEEL6akCzjMb4M2ecWNMIs8YqcK--OfkGzOEoJy0inrLhA-p_wZavY7Tr2yhkzg4eDRLayK2LJ6XIHPjTlgKv1eCKRGuyBI4l0s6sUjhem7SxyJmrcWolKJxWk5e6PSICO1fJ2f9KSZU
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 2F08
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGzdWN9Bd_zxl-MnECI8VXs&google_cver=1&google_push=AXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYR...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGzdWN9Bd_zxl-MnECI8VXs&google_cver=1&google_push=AXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVf...
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGzdWN9Bd_zxl-MnECI8VXs&google_cver=1&google_push=AXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81fba7327aa73ca5-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
125
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGzdWN9Bd_zxl-MnECI8VXs&google_cver=1&google_push=AXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT0HEZV68jskWyb4A9sq4beqRJ-fyMQEWBJd0itWRh5EM-FTVZx8_BRnoZKq5Rs1HVrVQiuEVBZRe1P-bpF0ejskv7ZfVfYRbgUwpiGmAa2a81_-Kul1DZnIHAagXzIEbnvJXA_vOgszD6ts1DK9d0-%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81fba73129043ca5-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F08
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBZX42cHRhBFsEiTkQRTtL8&google_cver=1&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d39lmL...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBZX42cHRhBFsEiTkQRTtL8&google_cver=1&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk0ODgwNzc1NjA4ODE2MDU5NA&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d39l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk0ODgwNzc1NjA4ODE2MDU5NA&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d39lmLFsGA7M4AlAqkYxx7p6WDK_AXlAaf8FQ72YU8gLxwenxJb-B9yNP0EyFJdWWGxtcRUHLWWOqd3f0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk0ODgwNzc1NjA4ODE2MDU5NA&google_push=AXcoOmR4sySbvu183UFbZZ0rNA767VoNz44o6ajdJ-knaAJK-UZ6bSMd6Oie9e9uOzIVtJ8JN_d39lmLFsGA7M4AlAqkYxx7p6WDK_AXlAaf8FQ72YU8gLxwenxJb-B9yNP0EyFJdWWGxtcRUHLWWOqd3f0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2F08
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGO-kyoJjAE_10aU_uQ50-I&google_cver=1&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jM...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGO-kyoJjAE_10aU_uQ50-I&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jM...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jMjA9VsEYwkGA4hp0bMtvi52imXwIjgEyIlRPY33Dgo8BfKM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jMjA9VsEYwkGA4hp0bMtvi52imXwIjgEyIlRPY33Dgo8BfKMjWfzkaCghGZNadkZKkkMJHJM&google_hm=TWxWZklQU2ZVeG5oQkpBY3lCMnE=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:52 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQJ4umHuH3FEB5Bqy3_f3E57EwY61giuznjL1m2IeWaaxyRsxOR6145FP0rb6d8BT18hQ3dVTOdUI8jMjA9VsEYwkGA4hp0bMtvi52imXwIjgEyIlRPY33Dgo8BfKMjWfzkaCghGZNadkZKkkMJHJM&google_hm=TWxWZklQU2ZVeG5oQkpBY3lCMnE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F08
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEINi11ecmzeNS6EIopKMaWU&google_cver=1&google_push=AXcoOmScK9H7vuEqmb2XrMlQ8iNDP-AWufySfwJfl6D_4zAH4-kw6obVX-F44KN5JFUNayBNECnUJz...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmScK9H7vuEqmb2XrMlQ8iNDP-AWufySfwJfl6D_4zAH4-kw6obVX-F44KN5JFUNayBNECnUJz-D_D3JlOU4s-D9oZM7Uv0khz2RNsekNrAWkBi8unmQ3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmScK9H7vuEqmb2XrMlQ8iNDP-AWufySfwJfl6D_4zAH4-kw6obVX-F44KN5JFUNayBNECnUJz-D_D3JlOU4s-D9oZM7Uv0khz2RNsekNrAWkBi8unmQ3fVA2rBT9jyNPwmUWJ9ffH15VTApxMxCP7Af&google_hm=NjA3NTA2MzU2NTE4NTM4Nzg2MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmScK9H7vuEqmb2XrMlQ8iNDP-AWufySfwJfl6D_4zAH4-kw6obVX-F44KN5JFUNayBNECnUJz-D_D3JlOU4s-D9oZM7Uv0khz2RNsekNrAWkBi8unmQ3fVA2rBT9jyNPwmUWJ9ffH15VTApxMxCP7Af&google_hm=NjA3NTA2MzU2NTE4NTM4Nzg2MA%3D%3D
date
Thu, 02 Nov 2023 10:21:52 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2F08 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkLicUFAax1BeMMhpAq1L5IczAcsfpUE-V3I1WFCwz8Ns45X3orQCQkmc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 6CB2 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 09:49:33 GMT
csi
csi.gstatic.com/ Frame 5553 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~loh1eoe1&c=754028308899&slotId=377014154449.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Nov 2023 10:21:52 GMT
cache-control
no-store
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame B014 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmrwA4PvMlYGgUvHHgW12ErpjNyxaV9ppywWZcSpBJEy3OVKSj_IytcU_RtrU6vLxqPsr0ZOFyM_F9TZLH2ZY4CfpOia-45nmM3uivBh1XGjdUNKyQMEm3dtW2onicKiq9Lf2kizfgcbDso766qFhOMf0K3RPwgyha2KXiYjy5U8capEQsprav29U2cbFjGBymXGHMs2-GmyhnW_ALSKfotRUf8m6MmqfKDofOlgA1VXL04_J6JbNzG3Ed9h_W6cTA43kq3phIhzm9E4wKgEIrrNeMa_TCOPp1_wXMRozNS-sw6EscW7JzcvoS2FwQGVKu-Rtz0ox55j5544LA0mkR-dH44uFkS9HL&sai=AMfl-YSeQb35F2xi1RneWUs7QDkt6SR7nidFXUgSbFN79N2TvfaKTHRVlb5Fu5WSqTUyvbEFFstmBG06hYCxLl5F5speMdhSU2fDZxcHRq3mcc0YhLK0ZJ50FBzvFKqJgHU&sig=Cg0ArKJSzD1o4Fmbx085EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
hb_native_image:89b4f5d6f970d9b
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B014 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:89b4f5d6f970d9b
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
408570f5d4408135969f64091e1743bcd1388541793b127b7e5854c31350c9b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1614
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3F3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDU2alf_9wE4eIN8F9HNGm3sW-K0puQGbYY0xhjaWTZykQczhcw6y2tsDjXMg5yAQzgqtnk6sqJPIK2g0J2xT7H3R25I2FrnG0DUvrEgtv4FDDubDYq4cc4QrTbBYhsbOCt-jAqtb4CKZSroPoNiamcsgMm_Z-XX47R0qi1zLPGK5hg-tlYwkIe-EFasrTmVLHSU6X2Sch7sW2GSMJn4QQfUvURlpZy-rmRYGhMftrxV3k8teWoZF9Dw2fUWM2tNKO8KwxcjF2WRFjnt-uyQ7Qr-hDCcZBHA5u1ehJElBKI0M2gKIwAhEpqGPD9uXYX0_TUF89zFhqnUpFbi3jzX585Dx27qiU3ISv&sai=AMfl-YSZx9myJE72i1BCDka637ZEYRtDeqPAeU-T_l8BLMzGXpDeM4DNLA20lZnL3J_EJPe1gpjm4zc-wLe4bk-8hqfhMSlKMwzVxMu9EFfifxnP-UR-JbuaWMUM7VafRE0&sig=Cg0ArKJSzC50gCh9fVc8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 26C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Oct 2024 10:21:52 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 26C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Oct 2024 10:21:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 26C0 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 27 Oct 2024 10:21:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 26C0 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 27 Oct 2024 10:21:52 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 26C0 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ez-OAtqtH6RbxVfjBbWi1Pmnj1Z0V8viGIrbceEgEYuhqf-yEJI4YcrMyB1nc4tNDMX-EE2s3S6jHZVWwwQo4RI2jXRaUXFkZxBHv_519PFKOBA3aozpFkRGN5yPqlHV2VvKl8dLjZy_-1KEzrhpq92LxUTZW2zlE2wEGh7MaBzdvQf_9YaC5TfDPnxQQ_oyenj5bqIQib7dnJV30hE9RXT1xKSVY4_chJFjf79Oefc2cWd2dtELWcoiUV8qWm9beYA6Ei76BZV9rqgiFeP_eH5eloq9HNgAf8ed96-ndmusi5xNU_f1Its8_G9zaLNA9BU9hSfMyaUDd8njJZuELdrfjz0JZVXQqX7BDVVC_hhaQ-yC-lshwstoCFUulgbdDrlm7NchBaxcTM8E5OU8qwYwCWmazsXvuyCe87jFysxSJGSndmRAI1PLvix5qTUOU94juA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2406585
expires
Mon, 26 Jul 1997 05:00:00 GMT
e7c055b73c194c799a0aabfe2c45d112_image_ad_336x280.jpeg
static.criteo.net/design/dt/41417/5052059/ Frame 26C0 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/41417/5052059/e7c055b73c194c799a0aabfe2c45d112_image_ad_336x280.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
df856f323a6216c78f870b31dc4ce726aaf3753e0eb4f5b56bf335f1558a97c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 24 Oct 2023 12:01:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6537b233-b34d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
45901
expires
Sun, 27 Oct 2024 10:21:52 GMT
hb_native_image:92ac8762d65322b
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F3E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:92ac8762d65322b
Requested by
Host: 515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe9e3305a188f2448dabc4b84bd912aef6b123bd39817a992d03d5a005bf9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1614
x-xss-protection
0
im-uid.js
dmp.im-apps.net/sdk/ Frame 2E64 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6529 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
expires
Thu, 02 Nov 2023 13:21:52 GMT
/
adx3.adform.net/adx/ Frame 5553 		65 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 5553 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2477721802994385&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=304BD2E7-FE7E-4C98-B290-A2983D404658&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920512322&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=823058544183795&ged=ve4_td4_tt0_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 5553 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2477721802994385&cust_params=mt_fln%3D1.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=304BD2E7-FE7E-4C98-B290-A2983D404658&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920512326&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=823058544183795&ged=ve4_td4_tt0_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5553 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2477721802994385&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=304BD2E7-FE7E-4C98-B290-A2983D404658&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920512331&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=823058544183795&ged=ve4_td4_tt0_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 5553 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2477721802994385&cust_params=mt_fln%3D1.3&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=304BD2E7-FE7E-4C98-B290-A2983D404658&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920512333&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=823058544183795&ged=ve4_td4_tt0_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5553 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2477721802994385&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=304BD2E7-FE7E-4C98-B290-A2983D404658&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920512336&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=823058544183795&ged=ve4_td4_tt0_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 5553 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2477721802994385&cust_params=mt_fln%3D0.8&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=304BD2E7-FE7E-4C98-B290-A2983D404658&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920512339&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=823058544183795&ged=ve4_td4_tt0_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 5553 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2477721802994385&cust_params=target%3D0.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=304BD2E7-FE7E-4C98-B290-A2983D404658&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920512345&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=823058544183795&ged=ve4_td4_tt0_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 26C0 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-4NfKEHBxizNWb1vd2M6OgoTa9dZ7GnK8Vb2vZRnpg7HTlbqLtVQBoX03JF3k5NCXgJP-aKOAIeHkFn0RbkTmrN5FrXxRJbi-hB-2nqYh3DT78alD2hsmsgZhkCtdBRaFpUYc5-V_7MMCRr1OqNxULeP0HJpwg8ag_8RJnPHuo760quvlFs8U5hwlYZ4XI-i5HSEfbypw0oWgKqNAWl3QLlf_AXmvgLYA8w0f_uYWNuadULQatVKnvrIEiCN4HAUnsKT2A&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 02 Nov 2023 10:21:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 26C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Oct 2024 10:21:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 26C0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Oct 2024 10:21:52 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 03 Nov 2023 10:21:52 GMT
get
audiencedata.im-apps.net/imuid/ Frame 2E64 		10 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HE7RVEYSP5M3QTQK5ZG6WP53
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 02 Nov 2023 10:21:52 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
generate_204
tpc.googlesyndication.com/ Frame 6CB2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wFEVzA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
480_650.mp4
cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/ 		212 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=131072-

Response headers

Date
Thu, 02 Nov 2023 10:21:52 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 131072-16890123/16890124
Connection
keep-alive
Content-Length
16759052
csi
csi.gstatic.com/ Frame 5553 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~loh1eow7&c=754028308899&slotId=377014154449.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802463%2C44803784&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 03 Nov 2023 10:21:53 GMT
csi
csi.gstatic.com/ Frame 5553 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~loh1epbn&c=754028308899&slotId=377014154449.5&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inview.20190130.min.js
js.genieessp.com/j/ Frame 2E64 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
last-modified
Thu, 14 Feb 2019 06:15:01 GMT
server
nginx
etag
W/"5c650765-13cd"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Nov 2024 10:21:52 GMT
jstag
genieeintl-d.openx.net/w/1.0/ Frame 2E64 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/jstag
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
96e67c98724154165af8ec287e144bda54e84ef2102cd3d122b80f769c7f41c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18067
expires
Thu, 02 Nov 2023 11:21:52 GMT
gl0
ialaddin.genieesspv.jp/yie/ld/ Frame 2E64 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/gl0?zid=1551001&asid=11030163&idx=0&cb=701fd05dae&l=S2NYKR77JQntLqpPTuT7CQbPKfkW8cWqfp5m6bBDZOBWSIXsjIQTRrQsbxqNWmT2W6hstfTapq7vhH-bP9iQOA10a0WeshpD56VGLzC18PB-bxW2Vn9D2uykMPOnRc6WRpVC65kR77vskLm9_PskxZSiADXby3KFrAet5_SwDPtpNon0LNqurj3C9rMr2qxVtO6RtANsiouTnj95XktX7in-vR8D-QjsewrkfpytoRn24fintAh_0HG3Jl-PQLyA-qmxp_C1-3j3ECQDxv1AnPnz_W2I_2Yj3vjAlphHjxlUmHhq-0CMfLih3sjqLHEWMbcbf8FdZFhfehnVDTVZiCQC4ZBDRX3sOE1-A-dCCflEynrzShJHrhRlYauqVqFUVqDwik7Gwq-hs-1rM1a4CDUEcnprVW45W9sE62AU3t_9EHt7Fyv9TEbLwssGyuF1JhA_IYGXrxeMr1RmbeUGuU2my1B71FlYRypPFQL2N70YSmVGTqo8RF_0ePQ_qWdjuiqcELpDCKO0kbjnWslL3F2Xc-bYeVS7Nfb0xLTlPS1ZiIsYHz3ybmuArBZZz0iss5SzG_I-8xTJ_T-jfzsWTw-wJrE1rMVNnL51QJXKE3oGJ9prL9et3niofaGS2syMzzB2woG5HQLqydd7TE3DDl8W7eHLSj8kz4xnfVDOSJ7Gmv_ziD8XaBkoEnkPfx5ozd9amwYpZQczLc0rEoAoUuGERjPjpLSGppXE6qD1ymoNXUSHTTlb6fPlDlRZRfZqoP3GHW5XZpZrLTiupAgeFouNRNhaJDfcSx4hF78IvAlCztyADMtv81b4KbFzDSO5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.13 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p013.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
cs
cs.gssprt.jp/yie/ld/ Frame 2E64
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8b10da0a9c270f7cedf38f6f22e2ced5
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8b10da0a9c270f7cedf38f6f22e2ced5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
222.230.178.130 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=8b10da0a9c270f7cedf38f6f22e2ced5
date
Thu, 02 Nov 2023 10:21:54 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 2E64
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA6Z8LEFQsEFkRxICUb2FLjkDJfm7DPO1xejbwnfsvU1kdEonZ_H9s-wGnhSj5W7cHg&format=gif
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA6Z8LEFQsEFkRxICUb2FLjkDJfm7DPO1xejbwnfsvU1kdEonZ_H9s-wGnhSj5W7cHg&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
133.186.12.13 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p013.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 02 Nov 2023 10:21:53 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA6Z8LEFQsEFkRxICUb2FLjkDJfm7DPO1xejbwnfsvU1kdEonZ_H9s-wGnhSj5W7cHg&format=gif
date
Thu, 02 Nov 2023 10:21:53 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
acs
ialaddin.genieesspv.jp/yie/ld/ Frame 2E64
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5tx8yb_PG0TtsQFyaMWJZIagI2Ifq_d_k2hrtK8X22Gqrrcmv6nRdU22ffKzk6NMA&format=gif
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5tx8yb_PG0TtsQFyaMWJZIagI2Ifq_d_k2hrtK8X22Gqrrcmv6nRdU22ffKzk6NMA&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
133.186.12.13 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p013.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 02 Nov 2023 10:21:53 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA5tx8yb_PG0TtsQFyaMWJZIagI2Ifq_d_k2hrtK8X22Gqrrcmv6nRdU22ffKzk6NMA&format=gif
date
Thu, 02 Nov 2023 10:21:53 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
cs
cs.gssprt.jp/yie/ld/ Frame 2E64
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=LtGA5kfjD725GJxuQnhDZQ
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=LtGA5kfjD725GJxuQnhDZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
222.230.178.130 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 02 Nov 2023 10:21:54 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=LtGA5kfjD725GJxuQnhDZQ
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
97
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
acj
genieeintl-d.openx.net/w/1.0/ Frame 2E64
Redirect Chain
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=68d36bfb-f21f-4e5f-9afc-89747f45e5eb&o=8859185035&callback=OX_8859185035&ju=https%3A//www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po...
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=68d36bfb-f21f-4e5f-9afc-89747f45e5eb&o=8859185035&callback=OX_8859185035&ju=https%3A//www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-j...
468 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=68d36bfb-f21f-4e5f-9afc-89747f45e5eb&o=8859185035&callback=OX_8859185035&ju=https%3A//www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
dc0ac5c02d0e36b47a973b030d8f75bd8f69eea3477cf6e5ce676b704fb12733

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=68d36bfb-f21f-4e5f-9afc-89747f45e5eb&o=8859185035&callback=OX_8859185035&ju=https%3A//www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
date
Thu, 02 Nov 2023 10:21:52 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
csi
csi.gstatic.com/ Frame 5553 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~loh1epc0&c=754028308899&slotId=377014154449.5&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:52 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
truncated
/ Frame B014 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3728f0f2c0754ced2cf1511a58fdcab438b41c41184567f90aa804c1047ece8e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F3E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f794d935be5272120be5cc6c011be91b4fabe36c304a09db4c8fabeb820bc1a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 090A 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
462794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CA00 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 02 Nov 2023 10:47:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3F3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT7_SwZZLKDoJ8Z9krpx7KkGYpyaiRvCuw1ILIoUfAZWPhRTDSBeWTYyUyMR5Uvv86CYT677tYGMx8xr31iT1szzHBrq1qUStYTm1ND4D4U11PowJW5NFDHONjPmeK6AfyrvIgIWAsbXDFwOTtz99RIMqnCUIEA2Vp0k4NLH8jSogXyE7meEbI7LKDOAFp3BR4hva6cjAcNfPcQNASUagNMM4N1csnugh1psfa4wjIGoB17RQAuOizpalfbsv1CYHv0tZ6NebbSmgwpfSQsVUdYURNgRzQOAQT8xwqYL92rmjvku1GMC1SLk-Kq7DO_BZbQ7Owco8VkEzJMLKNqPH-wIa0Uz9_8aK0FUo&sai=AMfl-YTuYZZZiFfQaZcPheFswj_bRxrq9yo12jWhsOFZQynfKss3rUgH3P5x0pqueXUAtS-YmBNwNybuJGf0InySb9KNxgfPJKUbQlPhVaxhnPlZkoZ0AYM4Q5sZDfM5Ewk&sig=Cg0ArKJSzFF1a1vLcC6IEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Nov 2023 10:21:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B014 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBGD93UVGbDgSGwEp3MiouCZL3urfr33f4G7QkIh4-PQsnErvMUnVrKfrWXXCCyWUdR71CsmLMDgnDqzgc-ZVsNUH2suS7LnOs5ToYL3Z51MQc2fPXLLwrzNTsZZnhPzD-TG_DEf_k0o2kqB-jGmfYT-qXkV6s-7omNoV1BxcA1i5C_bFSw3-JeVtAwf4En3dkrpSNy7Dj8yVpke_JgR4JJ0_dAYKk_Ayjt72m58i_usnY9-eBXdbZsXNcTbORS6ZTv4_VMPmi44PLQ30Rm5IYpkMlbWOofED-2iFxbg45VvSKH-QDKcuJ5G6gf5c_ldtuhDN7_o98D2EySp_PXLyiAsQ_8yDGjw4dZyw&sai=AMfl-YRcp7QuvsUvk0JltSY8qUJq2KdyeLloTi5n06eQQrpEnOXeslhvcbl1YAO-QX-AI4L-23ziOOumYdtENDYbMYYe0lP0WvYE5h3ffyL_PKnXAwgN2ORNGz0qY1sg-0E&sig=Cg0ArKJSzPZrIvrASHd2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Nov 2023 10:21:53 GMT
480_650.mp4
cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/ 		8 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/TifKpf_RWZDkB8qbrBbeIA:1698924109/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 02 Nov 2023 10:21:53 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1698920513238&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1565&pt=-87615671&tz=60&viewable=true&ddast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
655fbbc09d823c9ca7c19c2f16e86dc2d80fa99df138bba77d4633ad00e097b7

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1436
x-cache
MISS
x-served-by
cache-mxp6931-MXP
pragma
no-cache
server
nginx
x-timer
S1698920513.249319,VS0,VE77
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 483B 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcvYHPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNUCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6WzKAnf9xg120rf4BXcYtAs2MFhGBoLCH4dYRbZu8GloMNbvXo3KBKABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=Hfa8olvZRfI&uach_m=[UACH]&cid=CAQSPADICaaNa0etDiuvxCcfSbo8OjfjxhFzlbEIlrbgO6NW_TWGV1jtP-XpYtb8LT6CqC-5WnpkMKysE1iZghgB&cbvp=2&vis=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 02 Nov 2023 10:21:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 483B 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6qtEYbWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQPnhDZYhxZOsUcTd18jcAABIAAAoKQVFVQkR3RUJEdw&wp=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
132708
server
Kestrel
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 209C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231031&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fe8e4bba11adea29539d056f9a89feaa6ef8246b5d7623d33f9fda6706b4930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12062
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B9B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310250101&jk=2241724623878130&bg=!kZKlkt3NAAbo5yKYyOc7ADQBe5WfOKrbw9sbX3VcLxd66JvlW9kps67VrsCE-lx67qS5nyrQH31Jmad9P3D8YH3flrhxAgAAANxSAAAACmgBB5kCzqbZN4f6CG2-X7OFMQ3L4SBhFfmIS1HO5E0GtMsmMkFOyNWFZ64Xr9Hh___l09kjzRPdo-25GljCZzJUSbmO2dRcBHGkVT2mnDzPaJk4aIpU8fYnXC83_dbm_MKA9SlS0YnTr4Acpe3_BV8NzcnYc3Yfo8WFxhPisNPTdFydP7PxSM-J-jEnXFLfh1T9G69_P6TgMQo6DRj0z5TjJX7SgWwqzireODrnnUXzrgQLIQ5iSdZg9AmMrjYAFN30xqH1d6B6PnSUvIA0AIcQWagRcewgppoZEY43Z6_jyd9cENCQ3LL5QjX7_C4kERQ4u2W_IvU4dOpae-wEGZ9KNCU3j37neCh9P6hDV-Kp0R9Bfd_jNqt--r_uEQUORsYDi-9xORJy-J7Ppcaq5GfWBxwV3cukZqahog-55seN_sRFmEEgnKF2BGH6oco6gnJvQSeirpkJsCD2k1AUGxNDshjU_LRUggZPfqlbj3u9vOD50YrAfsazhP7PBXcsD-Okgtpd292qNwf9LB6vYaz4ZLGPEXONkjLdNDgSydFx38Mx7tlISBidQJTh-AiFcgwbJ8euA2WFlTeZBOxewBlbYqIz23kdZN3ee9uxXqCNNb9I7RZ84h88j37BsG5RsFigyzgyP3u_Wha_CV597d8R8gnUOrZHKIzYZ3neqA1UNUmlWwNxFGmFPRIzNRo7fRnnQYBP0SEhpozJKs19S0J4MWMmjXSgb2FltaemphbU-s3_EAj9Jwo0jwIVPaPRLo_9D6M33fvuBZ46mnXnmASH49g8Bbp3GjwJZTYWQhnEtI0dUxrRgge2Ij2Cr419SnDu5O04so6nS4AuypMWNnC_5XpaIMI7DN_6mH8mjSmHYrMl5GmRYnbDKO6A7qMhS-jJ3X_7oVXv5Zw2BwxZixxCGWjkqJfKXo2k69cHoQYz1Zf1Eea57vID88iCqUWTQ1VArvc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 209C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311010101/show_ads_impl_fy2021.js?bust=31079356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Nov 2023 10:21:53 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 090A 		113 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4118029698789320&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FTifKpf_RWZDkB8qbrBbeIA%3A1698924109%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=DD79D6A0-27D5-482F-AF03-E8E1C527FC68&nel=0&eid=44772139%2C44777649%2C44781409%2C44802463%2C44803784%2C44806262&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=1698920513437&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&scor=2636973675083322&ged=ve4_td5_tt1_pd5_la5000_er742.400.743.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
35021ec3b763ea04ac0a89c7a95f2eb58bfa0c2d2688c52c30fdf9b39bf59021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23110
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9826 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 09:49:32 GMT
expires
Fri, 01 Nov 2024 09:49:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B867 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fd67d3e5d24a816c6b68e8f0d2eff7d7e2090a9a7dd42973cd22856f9659e259
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o_m6oLPHyDV60xRf-JMHLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-o_m6oLPHyDV60xRf-JMHLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
Thu, 02 Nov 2023 10:21:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
217388
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
208692
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
9154ec697fc17060e3cc938d3d766f4116aaeed494137adf2badb6ad0cf37393

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 02 Dec 2023 10:21:53 GMT
sync.html
public.servenobid.com/ Frame 48C6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1327
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 02 Nov 2023 09:59:47 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-id
K6aL9J3oGVoWCHszskZ6aArvjf-wSlNOfKu8fKX2uLDatVIq5jhzJA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 1BAA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1698920510174
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
f4975544236bf4012c2aff64c2ddb31a370181bf4e54e5ee2143f73d065d351c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1114
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 3C98 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa4b5ef71883340d967b61fc5306164dd24a6ae92b3c3438834a39fea1b61b54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8515
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
Sat, 04 Nov 2023 10:21:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame F754 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:53 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 26DE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
1533
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 02 Nov 2023 10:21:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2795, 8341
X-Served-By
cache-lga13626-LGA, cache-mxp6971-MXP
X-Timer
S1698920514.562015,VS0,VE0
isyn
prebid.a-mo.net/ Frame 45B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 02 Nov 2023 10:21:52 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame E114 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 10:21:53 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame 5BA9 		653 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8a665ec08f8c43226c8bfc18508d99d9ad6c0077edf85f6cb0ff2243b473c72c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
413
content-type
text/html
date
Thu, 02 Nov 2023 10:21:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
csync.smilewanted.com/ Frame 2421 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81fba7395b823b5e-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:53 GMT
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 994C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
536
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81fba739b99624c4-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
Thu, 02 Nov 2023 14:21:53 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame B867 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231031&jk=3372074091963421&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 9826 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 09:49:33 GMT
img
sync.mathtag.com/sync/ Frame 1BAA 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:53 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 02 Nov 2023 10:21:52 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1BAA 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1BAA 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 1BAA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 1BAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 1BAA 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 1BAA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 1BAA 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698920510174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.23.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-23-195.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame E114 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 01:53:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55910
Connection
keep-alive
Content-Length
11104
Expires
Fri, 03 Nov 2023 01:53:43 GMT
sd
us-u.openx.net/w/1.0/ Frame 5BA9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qTQJUqg5DgSyOApU_TQQB6lgXASyYgQDrzjmzNJ1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qTQJUqg5DgSyOApU_TQQB6lgXASyYgQDrzjmzNJ1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qTQJUqg5DgSyOApU_TQQB6lgXASyYgQDrzjmzNJ1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5BA9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2467632124578826382
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2467632124578826382
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2467632124578826382
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5BA9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=a5eb9ada-194b-8761-a46c-6ef0043fb2e0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3JNEBZ4Y8AG397Y73K8P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 5BA9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=fd3de6a7-05e1-3c9b-6462-ec676c0c7900&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 5BA9 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDE1MjM1NmQtY2M5Ni02MjNmLTcxODItYjZkZWE2ZWViNzYw
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5BA9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQGD4jaZIDaftIIm-KqMbY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQGD4jaZIDaftIIm-KqMbY&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQGD4jaZIDaftIIm-KqMbY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 26DE 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
an-x-request-uuid
8db9d884-c9d1-4a83-bfa3-4976b66bb331
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame DDD6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.59.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-59-27.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
abc92794dd0332c044a0378e88291ec89c7b7ffa6875b66fcdcec15562b1c188

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 02 Nov 2023 10:21:53 GMT
etag
W/"014f1e5d6aea1d589c8a232c9b7b64af2"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 51A8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
4321f0928c75dd3d02ad601f9399006b07a97e42ea5601e3baf69929c103b362
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1137
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 84FE 		992 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
1f9b7492fff9be4034ed0259dc4da496bd0ba203a89e7a9af9f56b1f9d9814df

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
992
content-type
text/html
date
Thu, 02 Nov 2023 10:21:52 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3357
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d707e55d94215af78272a2ca328546a0416efe4763cd4643ca6f706ac8960846

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81fba73adadf2397-ZRH
content-encoding
br
content-type
text/html
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZQX%2Frzkh%2Fi2NHtVJ8pad6s%2FjNbsKFBHrcG%2BA1tfsWGkS214SiMs9D8LTK4IN96MN5%2BjFKrGwj6lpSz%2B0hsg9FkYQEggzRL4%2BQ8j9sRKDLQUxGNesIYdAVQQ8lqlKF3KFYVhjqz3RLJSjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81fba73a8d19020d-ZRH
content-length
0
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBOVxHXcabxqS9x5vENDFsybmX4x5WtsKfgXEozxRjwUX5JQV%2BGdBxEFuVj0b2SClVejs2Bw0TXzgtgUG5Pnuo1Aq0dluWHP0IT%2FSSI7Z2la7Fp99%2FL64YiqWhD4%2Fs%2F0s0qXjDbYM0oqnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2013
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 10:21:53 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 02 Nov 2023 10:21:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EA1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55100
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
Fri, 03 Nov 2023 01:40:13 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 7211 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9e2271614025c74ac9d2687681b7118f47c8d0e6cac657a61eebc6dd2dffd04a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Thu, 02 Nov 2023 10:21:53 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id
naiZLv1Dq8cWX_a_IIdH-LOVxcMOlX-Fim89VatGwnpKUltCGo8p6g==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame A269 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Thu, 02 Nov 2023 10:21:53 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 2BBA 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.211.73.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-73-67.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f783b70f3d30f78fb57bbfedb7ca08319af2796915696ff84b6a0707b4342d79

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=553898122509061949
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=553898122509061949
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
an-x-request-uuid
b6f77dd2-8882-41b1-aa30-42ab24fc1545
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=553898122509061949
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HlqNrRZHSMHOLqxHSpadjxGI
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HlqNrRZHSMHOLqxHSpadjxGI
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HlqNrRZHSMHOLqxHSpadjxGI
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 48C6 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 02 Nov 2023 10:21:53 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 48C6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698920513791
  • https://ad.turn.com/r/cs?pid=45&rndcb=996725311
  • https://sync.1rx.io/usersync/turn/4448450027908307853?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-1622b3b5-b5a2-4f88-acc2-7bb...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
0
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
81fba74118ee3b5e-GVA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

Redirect headers

location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1622b3b5b5a24f88acc27bbc1a279626003
content-type
text/html
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5142336726074175109
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5142336726074175109
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5142336726074175109
Date
Thu, 02 Nov 2023 10:21:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=f7a5dc85-de93-4a01-8f3e-085057490da3
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=f7a5dc85-de93-4a01-8f3e-085057490da3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-111
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=f7a5dc85-de93-4a01-8f3e-085057490da3
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Thu, 02 Nov 2023 10:21:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kZjFiYmYyZS0wODM5LTMxN...
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS1kZjFiYmYyZS0wO...
  • https://ssp.disqus.com/match?bidder=30&buyeruid=3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a&r=Cid1YS1kZjFiYmYyZS0wODM5LTMxN2YtYmYzOS04YTNhYzQ2YjEyOWEQ____________ASpTaHR0cHM6Ly...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 48C6 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.255.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-255-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
sync
ads.servenobid.com/ Frame 48C6
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 02 Nov 2023 10:21:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 02 Nov 2023 10:21:53 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2D98
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5377c64a952ac53d3536592072a9b3de2d77b0722274d16bc7aeb875afdab10

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81fba73adae62397-ZRH
content-encoding
br
content-type
text/html
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBAZpKtfLmKRwjEC5etwO8d0cmCvPDU97D7SfUYKuYhCj%2BTkmbShswettYy3hXQqqcRkPvgls87ZggoAhYGTJr7HjDtc3CePvARmX1DwidT%2B1Jw5EOPmpKuKUHU0sfXlEhVnYhhLPX6o9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81fba73a8d16020d-ZRH
content-length
0
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adisEiBja5J60stqnxjRiawrNer8AytYY8LKn%2FdIYenZLRvv5bPrtOQVKHoxBZdqMC2quutMOuT9pL7SynDGWTyfWH5KQx%2FCjiww0Q7X%2BbJfVBiNwkE%2BTVc5aFUQ0cgc23l7KeaWLrLuTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 84FE 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6075063565185387860&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dcm
s.amazon-adsystem.com/ Frame 84FE
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6075063565185387860&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6075063565185387860&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JNM3NNPYSSSJT7QVMPQA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6075063565185387860&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pixel
cm.g.doubleclick.net/ Frame 84FE
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjA3NTA2MzU2NTE4NTM4Nzg2MA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjA3NTA2MzU2NTE4NTM4Nzg2MA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NjA3NTA2MzU2NTE4NTM4Nzg2MA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
p
a.audrte.com/ Frame 84FE
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODllVC1jeUFERllSbi04NlVpeHo4TVg3dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDg5ZVQtY3lBREZZUm4tODZV...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=2467632124578826382&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=89eT-cyADFYRn-86Uixz8MX7w&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=6075063565185387860&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
54.173.102.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-102-35.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 02 Nov 2023 10:21:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 84FE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2467632124578826382&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2467632124578826382&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2467632124578826382&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2421 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1231751
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
81fba73b2cb33b5e-GVA
expires
Thu, 31 Dec 2037 23:55:55 GMT
img
sync.mathtag.com/sync/ Frame 51A8 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:53 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 02 Nov 2023 10:21:52 GMT
/
onetag-sys.com/match/ Frame 51A8
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-O-8APL&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-O-8APL&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOH1ENG5-O-8APL&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 51A8 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9P3YYTGBsW_ulfAkf1TipnwmUoD_stPS_14D-_c2_gc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 51A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 51A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 51A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 51A8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 51A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=650e328f-9a59-41ee-9574-4c21fdbf254d&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fd...
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=9c862516-bac4-4675-8fc3-65c5834d9915&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d
  • https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 51A8 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=9P3YYTGBsW_ulfAkf1TipnwmUoD_stPS_14D-_c2_gc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 2013 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 01:53:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55910
Connection
keep-alive
Content-Length
11104
Expires
Fri, 03 Nov 2023 01:53:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 9826 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nUc-6Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2D98
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUN4QVPDLrIIuJjPohc2wQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bg9wl12Wyjhj4mZh5bPu2GgBvplJg9HGlow8IuKHUBCkHiDRYL8QSQHdlYe1YC2eFJY3NVer52oEHTCj86eUHk8bp%2FmfXLDgJt3fczEZDVLxRpbW4K49TWmx%2FKE%2FF1khXO%2F1FhL7Y04Irg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73ccdd12397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2D98 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUN4QVPDLrIIuJjPohc2wQAADRMAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VDPZ166H65YW0TERBQY7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2D98 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUN4QVPDLrIIuJjPohc2wQAADRMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC6ox3m%2FeAUUiXTNXwcPzy%2FNuNpbj2f687Jxflzu7HYb0hVM6rF9pro30bS5WE2aiLY4WnqP2qUV1lioDWIY44cSMGf7HFqqsL14NlCV37mv5GxGcEili2X3AwPy3EjKzdhOAZNyipQaPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73c3cef2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2D98
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZUN4QgAAANjH7wBC
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUN4QgAAANjH7wBC&_test=ZUN4QgAAANjH7wBC
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUN4QgAAANjH7wBC&_test=ZUN4QgAAANjH7wBC
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPKopphQnp8%2BDiXHqFMpRCpNn76l%2BOVaCc1OVZuN8%2FViikrOUjjzlAhV8CakzeanWAc3%2FO5Ar69%2Fu%2Bz03ukSTK%2BY8qcgL4PYERmJNF8Mlk0ry%2FREem4sfLvgVVImEg43Zg3V0h1YR2nZ9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73e583e2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mxp6920-MXP
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698920514.215741,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUN4QgAAANjH7wBC&_test=ZUN4QgAAANjH7wBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
CookieIndex
rtb.adentifi.com/ Frame 2D98 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.87.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-87-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
crum
dsum-sec.casalemedia.com/ Frame 2D98
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685630498578664
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685630498578664
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Svyq%2Bc%2FAUK4nbavPKzmsAzSW%2B8s6YfedN2Hs4x7NKaO9YRh%2FmA9hozXIMsrUfhZi51xnhlY0GkqlR4BXB8GrIa83Z7mSuxUTxIw84E5tq5dhmBpGNBdDxM%2FaA2FCsXtr1VF5P8IrmhzmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73ccdc92397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685630498578664
Date
Thu, 02 Nov 2023 10:21:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
362358.gif
idsync.rlcdn.com/ Frame 2D98
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUN4QVPDLrIIuJjPohc2wQAA%263347&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUN4QVPDLrIIuJjPohc2wQAA%263347&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a5583b5fab354d4ebda1e3eab057d642
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a5583b5f-ab35-4d4e-bda1-e3eab057d642
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=0c2e87b6-9ca5-4c2d-ba80-fbd4766869bd%3A1698920514.8380096&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c2e87b6-9ca5-4c2d-ba80-fbd4766...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630498578664&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c2e87b6-9ca5-4c2d-ba...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=0c2e87b6-9ca5-4c2d-ba80-fbd4766869bd%3A1698920514.8380096&_=1698920514.8418858
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEImWfLt4xSRD3F-kBKljiZU&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEImWfLt4xSRD3F-kBKljiZU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEImWfLt4xSRD3F-kBKljiZU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2D98 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZUN4QVPDLrIIuJjPohc2wQAA%263347
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
27401
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81fba73bbe0524c4-ZRH
content-length
43
expires
Fri, 03 Nov 2023 10:21:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 3357
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUN4QYbloBxhLaPfbtESqQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95SyezdOH92XlrcOSX3qOXD7%2BPR3Sf4XtXD88IHeiXGOlQ2fPkQlruJ0fy4emhfwzfdjNyZBsWogs3%2Bl7vQ%2ByZIM%2BLLLyhvZm1Vi%2BJzCkFQeYG09LUvTQ3gJUpDTL9EDWmKvzLfV9zRPFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73ccdce2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPuicfIb_M-Pwl9yEXdCIT8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3357
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUN4QYbloBxhLaPfbtESqQAAFDYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hS%2BHQHdb5bQy6V833Y50%2F5aMXGVaNoDt2y8DsO0354a1ThCnZ8HLjpgsfyNOB5PnP4tOVkpGfGRRQ08P3II4LJV4sJz8YAYzi2cRrLVJZ%2Bzpj5tTyp%2FHAMRYgnnzmA8SbyeoBlSSIv6qTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73c3cf12397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECKgILHrDQkumMsenfrEmoE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3357 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUN4QYbloBxhLaPfbtESqQAAFDYAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KWDSV83A004W89BZ8YTX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
52154.gif
idsync.rlcdn.com/ Frame 3357
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUN4QYbloBxhLaPfbtESqQAA%265174&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUN4QYbloBxhLaPfbtESqQAA%265174&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2d76f921d6134d21a3af442ee291bee7
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a5583b5f-ab35-4d4e-bda1-e3eab057d642
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3fe9bdeb-b4da-4450-a126-b20568bb5a08%3A1698920514.8371832&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3fe9bdeb-b4da-4450-a126-b20568b...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630498578664&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3fe9bdeb-b4da-4450-a1...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3fe9bdeb-b4da-4450-a126-b20568bb5a08%3A1698920514.8371832&_=1698920514.8394394
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjczZmU5YmRlYi1iNGRhLTQ0NTAtYTEyNi1iMjA1NjhiYjVhMDg6MTY5ODkyMDUxNC44MzcxODMyEAAaDQjD8I2qBhIFCOgHEABCAEoA
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=553898122509061949
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=553898122509061949
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
an-x-request-uuid
b5cabe9f-acaa-46f4-baf6-c6dd66555193
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=553898122509061949
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3357
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nVtDKUtY1QYuPK5
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nVtDKUtY1QYuPK5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLg8FBY870NiwHIA5Ogm4iDNu6IRdFCmvpOZydUjEz6b0DeBCjZxidP9MfLhhVuH0KqPG7e%2FqTnLqPTwtenFWm3CyvfrsUvj3KZ0uvYAednjalVRlOvHPQE8qRn0BRVUc9V%2FurtleMMAuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73c4d152397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0e375bc7960f51888@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=nVtDKUtY1QYuPK5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3357
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGdgd%2FbfGvHdOCEyGUEYDH3VOA%2Fo7c29cTjfVkEMk4x6XrqCfzkoXSwq07yXg4sUNegAY%2FQV%2B7l%2B0HS%2B%2FRYGya8i4a9s7jQJRyYc4rBHG2ZmZBLQX8R3luHHHI%2Bh1JI%2FBMS4rVbl%2Bz4iqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73dcf3d2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 3357
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699548636d0211rhh00loh1eqme
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699548636d0211rhh00loh1eqme
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKUEHnuKJbkMfTz69gaPfmtYnYYP85eKumzKvlBdbjRr6wQvco99SMSq9RgG1FxRI%2Fe4EvigZpGHguyHqXp9RRoICPJ4ym%2Fu0v1aI4ua10WpwvR1uJCSgWwanZMAasqoRutdmOJ1IaZx1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73f8a102397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699548636d0211rhh00loh1eqme
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame 3357
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrdMmIIua57lbmUkQelQmcZ2HpjCtNH%2BmLsevKAwEWvn0Q4fJu9zWPDp56am2JBev0grdvJ%2FTDud8Wym3zymqrkq2Pregby79l85nYrzeZirh8u0WffQwj74KWXNhy%2BuwtutkCQQFTN%2BOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81fba73cddef2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 3357 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZUN4QYbloBxhLaPfbtESqQAAFDYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4EA1 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31800977&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
8462c90aad1fec8128f0a4dba76871fc0fbd6867ac775821ab08ecb91f9bd7b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 2013 		7 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=553898122509061949
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=553898122509061949
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
an-x-request-uuid
aa7d2188-4e4f-4726-ae04-e984143e30c9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=553898122509061949
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f71333e6-5083-4419-a99d-229783f10b6a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=739a22a8-e894-494a-adac-314eb70ccae4&ssp=gumgum2&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d
  • https://usersync.gumgum.com/usersync?b=bsw&i=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=0&gdpr_consent=&us_privacy=
date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0a0042d7-2df4-04cd-0319-fc8aa45c7846
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0a0042d7-2df4-04cd-0319-fc8aa45c7846
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 02 Nov 2023 10:21:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0a0042d7-2df4-04cd-0319-fc8aa45c7846
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734$ip$185.195.71.220
Date
Thu, 02 Nov 2023 10:21:54 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.BJKNelE2pfCskOKUApbM5PTp7oi26gUsueX~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-.BJKNelE2pfCskOKUApbM5PTp7oi26gUsueX~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-.BJKNelE2pfCskOKUApbM5PTp7oi26gUsueX~A
content-length
0
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1
Date
Thu, 02 Nov 2023 10:21:53 GMT
Connection
keep-alive
X-CI-RTID
6da41888-5fe5-4ead-b40b-71681cb0ba3e
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame DDD6 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f71333e6-5083-4419-a99d-229783f10b6a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=MlVfIPSfUxnhBJAcyB2q&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=MlVfIPSfUxnhBJAcyB2q&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=MlVfIPSfUxnhBJAcyB2q&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=8NDkw7mAqeFP&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=8NDkw7mAqeFP&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=8NDkw7mAqeFP&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-65nwr
expires
-1
usersync
usersync.gumgum.com/ Frame DDD6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6075063565185387860
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6075063565185387860
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6075063565185387860
date
Thu, 02 Nov 2023 10:21:53 GMT
content-length
0
sync
ads.servenobid.com/ Frame DDD6 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_f71333e6-5083-4419-a99d-229783f10b6a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
onetag-sys.com/match/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d&google_hm=NjUwZTMyOGYtOWE1OS00MWVlLTk1NzQtNGMyMWZkYmYyNTRk
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELvPpSfx-RtntckxwnXOiGc&google_cver=1&ssp=onetag&bsw_param=650e328f-9a59-41ee-9574-4c21fdbf254d
  • https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 52EC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=2467632124578826382&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=2467632124578826382&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.59.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-59-27.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 02 Nov 2023 10:21:54 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=2467632124578826382&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame F39C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mNzEzMzNlNi01MDgzLTQ0MTktYTk5ZC0yMjk3ODNmMTBiNmE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8EFC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55100
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
Fri, 03 Nov 2023 01:40:13 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2F80 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:53 GMT
server
Kestrel
csi
csi.gstatic.com/ Frame 090A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~loh1epur&c=754028308899&slotId=377014154449.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=0&ytext_hd=1&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame 7211
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=a007833e41e0bdc4d36d22598fe234cd
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=a007833e41e0bdc4d36d22598fe234cd
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
iuv0-Kg0nV0ZK8qhvNVfWgwxIzU6IiIOReOi_gDSHkDgZoFf0mnQsw==

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=a007833e41e0bdc4d36d22598fe234cd
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 7211
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
j3AMJ__FYgRfBeSKzXRcukFBylnBwSgK2OXajx5WdhA51DZnxcSLfQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
pixel
ap.lijit.com/ Frame 7211 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 02 Nov 2023 10:21:54 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 7211
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=646404a3-7a73-03cf-1cfa-f5902c0ff3e5
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=646404a3-7a73-03cf-1cfa-f5902c0ff3e5
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
H87LUcRiXEGJEIJqnlL-7J7KGBAqsIbqBhldyLTwjZdqqrD9lRMcGQ==

Redirect headers

date
Thu, 02 Nov 2023 10:21:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=646404a3-7a73-03cf-1cfa-f5902c0ff3e5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7211
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfXCDuc-iQ99byvS00qpao&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=553898122509061949
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 7211
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUN4QVPDLrIIuJjPohc2wQAA%263347
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUN4QVPDLrIIuJjPohc2wQAA%263347
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
pBuLYIyoPkreLKI_75KFfBDnm6LWSkIYd7klO5fP-vCG_QnQjE1cNQ==

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BNsDmnCT%2FAc9VYCkLxuBXkCk322o5YNpyu3opMwpB8SNooGMh9BDXVveJaM8tRivET8vBzBvdKnm0H6TPYOjtI14Wd6C0M6JlV70dur6qUtLqY%2F%2FDuzTUl%2Bn9voMm3KSpJH2mbm1A0eYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUN4QVPDLrIIuJjPohc2wQAA%263347
cache-control
no-cache
cf-ray
81fba73cbdc42397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 7211
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3154585111740024045296
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3154585111740024045296
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
D2u1pEToYP50zXBElLbnfhqDP9bqp7g6QoOk3b26KOzdyzX2S_8Dsw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3154585111740024045296
date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ads.servenobid.com/ Frame 7211 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=nnJjlSazkp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 480C 		0
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81fba73c5d5c3b5e-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:54 GMT
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame B4A0
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUN4QsCo8YIAAGWL1dEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZUN4QsCo8YIAAGWL1dEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 02 Nov 2023 10:21:55 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 02 Nov 2023 10:21:55 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZUN4QsCo8YIAAGWL1dEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad130.dc4p.scaleout.jp
X-SO-IP
185.195.71.220
X-SO-Key
ZUN4QsCo8YIAAGWL1dEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"185.195.71.220","key":"ZUN4QsCo8YIAAGWL1dEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad130"}
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad130
usersync
usersync.gumgum.com/ Frame B356
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=xkgG0zfu0NftQwbLRi5u&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=xkgG0zfu0NftQwbLRi5u&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 02 Nov 2023 10:21:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 02 Nov 2023 10:21:54 GMT Thu, 02 Nov 2023 10:21:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=xkgG0zfu0NftQwbLRi5u&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 60E3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 10:21:54 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 02 Nov 2023 10:21:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 2013
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOH1ENG5-O-8APL
  • https://ads.servenobid.com/sync?pid=323&uid=LOH1ENG5-O-8APL
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LOH1ENG5-O-8APL
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LOH1ENG5-O-8APL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
onetag-sys.com/usync/ Frame 8316 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
1e4c238292b8af325dc7dc335d5b65377acfa14f2a8c432818bb8b6be64572bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1194
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
csi
csi.gstatic.com/ Frame 090A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~loh1eqak&c=754028308899&slotId=377014154449.5&qqid=CMPu1I2MpYIDFZHg3godY7QLGA&gqid=QXhDZZbgG6rQzAap9qvYBQ&fb=ima_html5-lima&sdkv=h.3.599.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802463%2C44803784%2C44806262&met.4=ghmsh_s.loh1eqao~ghmsh_s.loh1eqap&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=SXfcWQSeitzbPc0g
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 090A 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-1290995901905588
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:36:38 GMT
x-content-type-options
nosniff
age
2716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 10:26:38 GMT
2qV2KIOHv6LGQfIXzDHBYGrnwLb46et_oTeioyDY1kwhRDcTAdfZvEPY-Rcf0OdQRSJWib3O7A=s48-c-k-c0x00ffffff-no-nd-rj
yt3.ggpht.com/ Frame 090A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/2qV2KIOHv6LGQfIXzDHBYGrnwLb46et_oTeioyDY1kwhRDcTAdfZvEPY-Rcf0OdQRSJWib3O7A=s48-c-k-c0x00ffffff-no-nd-rj
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d90e7f2e4dcad198793d039715136a18058b4707707385c6c123c508da5c9c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 08:44:41 GMT
x-content-type-options
nosniff
age
5833
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1351
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 03 Nov 2023 08:44:41 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 090A 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf3ljQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTjA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttdWktr_kdv5-S1KRc-0I9iv9lSCDMZ8WXqn24SjoYiiHR5TLebMNL3vawUQ8Q-MAE1qDI_7wE4AQBiAWRtvqfTaAGVIAHzeiR7AGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOrEJXlK34R33986ACgOYCwHICwHQCw-aDQEPqg0CQ0jIDQHiDRMInuvTjYylggMVkeDeCh1jtAsY2BMC0BUB-BYBgBcB&sigh=SM9mvAfMiuM&label=show_ad
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 090A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=COiRsQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTgA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttLWif_fk3Z7UAU3jL7KWqvSPkT8JlaeGdBneWUp_YEyYzRpDwQNvOJ3mntsAE1qDI_7wE4AQBiAWRtvqfTZIFEAgSEAUYDzCe4siS6pj3tRKgBlSAB83okewBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCkmQKoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJSGh0dHBzOi8vd3d3LnlvdXR1YmUuY29tL3BsYXlsaXN0P2xpc3Q9UExDa0xLVThCbUllU3M4djc5bWdHeTJTaGd6WC1iUVk5c4AKA8gLAdoMEAoKEJCQ06y9mJHPVRICAQPiDRMInuvTjYylggMVkeDeCh1jtAsYwhMGGJuX7pMC2BMC0BUBgBcBshceChwIABIUcHViLTU4NTUxNDk5OTg5MDM5NzYYu4l2&sigh=10X0GGOzLD8&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSPADICaaNiiKQ9X8_NtRpdLUAvNLRyqUh3B8eMyGLF0I8RgvKI2TrvOJ3n3OZ3J7VSQ8LZbHQjxExY_9Q5BgB&vt=10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
ap.lijit.com/ Frame DBA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 02 Nov 2023 10:21:54 GMT
X-Sovrn-Pod
ad_ap5ams1
pixel
ap.lijit.com/ Frame 9D5A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 02 Nov 2023 10:21:54 GMT
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

content-type
text/plain;charset=UTF-8
date
Thu, 02 Nov 2023 10:21:45 GMT
location
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame CB1C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=5383807571
  • https://sync.1rx.io/usersync/turn/4376392433870379917?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-1622b3b5-b5a2-4f88-acc2-7bb...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81fba74118f03b5e-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Thu, 02 Nov 2023 10:21:54 GMT
etag
RX1622b3b5b5a24f88acc27bbc1a279626003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~loh1eoqp&c=754028308899&slotId=377014154449.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 2BBA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.211.73.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-73-67.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/universal/ Frame 2BBA 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.255.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-255-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
cs
cs.yellowblue.io/ Frame 2BBA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.213.50.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-133.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=341aa76c3feeccdb66e7d06d8269eac&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698920514327059-537
Expires
Thu, 02 Nov 2023 10:21:54 GMT
sync
ads.servenobid.com/ Frame 2BBA 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=-2Jj2SazCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
be5fb09f-bab5-5232-97fd-7e91f2be06d3
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 86F3
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=4096350709675086086
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/be5fb09f-bab5-5232-97fd-7e91f2be06d3
0
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/be5fb09f-bab5-5232-97fd-7e91f2be06d3
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81fba73ff8053b5e-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/be5fb09f-bab5-5232-97fd-7e91f2be06d3
3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 1E8F
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
0
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81fba741a9323b5e-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 02 Nov 2023 10:21:54 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/3559a17017bc2f6f4d92bdd510042a4462229d7b4173dae278816828bea9ea8a
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
img
sync.mathtag.com/sync/ Frame 8316 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x28 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:54 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x28 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 02 Nov 2023 10:21:53 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8316 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8316 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=IpjNbrWlw6YVCu4IWBq6bmTlX0pfb99FhTRmGn0i3hk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8316
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-Nw01BMDU6PWDV-po7Xecqgehg1ssKgQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-Nw01BMDU6PWDV-po7Xecqgehg1ssKgQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi4-Nw01BMDU6PWDV-po7Xecqgehg1ssKgQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 8316 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 8316
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELcsC3GUOHyWLK4_jDUGrFM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 8316 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 8316 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 8316 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.23.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-23-195.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
IpjNbrWlw6YVCu4IWBq6bmTlX0pfb99FhTRmGn0i3hk&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 8316 		0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/IpjNbrWlw6YVCu4IWBq6bmTlX0pfb99FhTRmGn0i3hk&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
81fba73edf573b5e-GVA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
usync.js
eus.rubiconproject.com/ Frame 60E3 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2023 01:53:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55909
Connection
keep-alive
Content-Length
11104
Expires
Fri, 03 Nov 2023 01:53:43 GMT
videoplayback
rr4---sn-1gieen7e.googlevideo.com/ 		6 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-1gieen7e.googlevideo.com/videoplayback?expire=1698949313&ei=QXhDZYy_MaL3xN8Pl_q8sAk&ip=2a05:ad00:b:0:128::1&id=126bdcc6a252311e&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=Nv&mm=31&mn=sn-1gieen7e&ms=au&mv=u&mvi=4&pl=29&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=158.058&lmt=1698265309617207&mt=1698919355&cpn=SXfcWQSeitzbPc0g&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRQIgJ6emOiZx7lM1fev2DYZ1hbC7Blu032CP5XaljmVmiyACIQDSKxPCHEwKHjbNKksTAoMokBPoRfsRUvPrSsm3e2i7dw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIgV74X8UExFDsUZk1v9xxvxM6GrCU0VMVyjVb2N0JGlYkCIQDFrRmxOGa2lIKhdprIZu5hKHssmCnMIXtA2XMrFSsN5Q==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:8::9 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 02 Nov 2023 10:21:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 Oct 2023 20:21:49 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-43581659/43581660
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
43581660
Expires
Thu, 02 Nov 2023 10:21:54 GMT
2467632124578826382
csync.smilewanted.com/set_partner_userid_get/adform/ Frame BACE
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/2467632124578826382
0
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/2467632124578826382
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81fba740787d3b5e-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 02 Nov 2023 10:21:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/2467632124578826382
server
nginx
sync
odr.mookie1.com/t/v2/ Frame 5375
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=IpsvCF9jNkRmaWQ1VElvQWhSMEVYT2cwbnh0S29XRlAlMkZTJTJCR3lKeTZHRk5rZ1BQSkJNQm9tdyUyRkpOZ29NV3g5ekprUUolMkJFQzFlUW1FSnVBQ3dYeGc4ZWJqSTdMQ0NoempLZ3h0d...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=criteo&gdpr=&gdpr_consent=
42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=criteo&gdpr=&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:54 GMT
etag
"6530c7b4-2a"
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 02 Nov 2023 10:21:54 GMT
location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=criteo&gdpr=&gdpr_consent=
cs
cs-rtb.minutemedia-prebid.com/ Frame 881F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id
oeLdnIWBvaM9ZOMzfn2tw-BS9Gh0ojS7lOomN6YcJvQ4AL87NP0Gvw==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

content-length
117
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7BBA 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 02 Nov 2023 10:21:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CM29RAS6CJ4M7T6TYP9A
cs
cs-rtb.minutemedia-prebid.com/ Frame 005B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NcTA0TTJx4cuyMPXYcTZhDWQlYcuks2AM8jaJOyQ
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
0
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id
qU4451sTPrhvP5xtenyyIbkWZBh_DNGGzJZi4xme1dI9bPEQr_KZyw==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

content-length
117
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:54 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 69C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=553898122509061949&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id
FHQ_Pc4LrxFjPcPFKfxi4E8nQwbAsKnXBemSGvV9etIKskfIqL5nug==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

content-length
117
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 7526
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296808046146549916&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296808046146549916&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 02 Nov 2023 10:21:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296808046146549916&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
odr.mookie1.com/t/v2/ Frame 0690
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=pubmatic&gdpr=0&gdpr_consent=
42 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:54 GMT
etag
"6530c7b4-2a"
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 02 Nov 2023 10:21:54 GMT
location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=650e328f-9a59-41ee-9574-4c21fdbf254d&ssp=pubmatic&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame AE89
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_npTEel5WHNtX_XPbHsnNLnDR9w&gdpr=0&gdpr_consent=
42 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_npTEel5WHNtX_XPbHsnNLnDR9w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Nov 2023 10:21:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=_npTEel5WHNtX_XPbHsnNLnDR9w&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 777E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 02 Nov 2023 10:21:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 656C 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6920-MXP
x-timer
S1698920514.439204,VS0,VE99
ImgSync
image8.pubmatic.com/AdServer/ Frame F630
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFV1FFN0todkFBQUJlN3ZMV1oyZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEWQE7KhvAAABe7vLWZ2g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEWQE7KhvAAABe7vLWZ2g&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEWQE7KhvAAABe7vLWZ2g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6075063565185387860&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEWQE7KhvAAABe7vLWZ2g&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 02 Nov 2023 10:21:53 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 9E3E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe9cc62e2508e495bbcd894294fc7814b
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 02 Nov 2023 10:21:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 732A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Nov 2023 10:21:54 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame A2BC 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:54 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
cm
ipac.ctnsnet.com/int/ Frame CF75 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame E311
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6780142541224797239
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 02 Nov 2023 10:21:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cs
cs-rtb.minutemedia-prebid.com/ Frame B15D
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685630498578664
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:bc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id
zxz_ChRbVkz5o0OWWoXElWU7C0W37Gp0b2f1fyN1z9ZAorQ7vayRQQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
4

Redirect headers

content-length
117
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesync
core.iprom.net/ Frame 6F4C 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 02 Nov 2023 10:21:54 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-26faf2de7c05@version_1.575
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 21A6 		0
0
i.match
a.tribalfusion.com/ Frame CB95 		43 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81fba73f7aec3ca5-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 02 Nov 2023 10:21:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
ImgSync
image8.pubmatic.com/AdServer/ Frame BBA2
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=27773147ecb03237/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=35173e3d9d93849ada1ea497a000bab&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXTTTYbWTnjhaYXYT&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 02 Nov 2023 10:21:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 02 Nov 2023 10:21:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
ads.servenobid.com/ Frame 79CA 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 02 Nov 2023 10:21:54 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EA1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=66xKi8xoR6OUe0j9ORmrjA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55099
accept-ranges
bytes
content-length
5606
expires
Fri, 03 Nov 2023 01:40:13 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 4EA1
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.249.63.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-63-196.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.142
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.16.201
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 4EA1
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=901088620
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=901088620
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
via
1.1 google
last-modified
Thu, 02 Nov 2023 10:21:54 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
via
1.1 google
last-modified
Thu, 02 Nov 2023 10:21:54 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=901088620
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 4EA1
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODllVC1jeUFERllSbi04NlVpeHo4TVg3dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2467632124578826382&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
54.173.102.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-102-35.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 10:21:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 02 Nov 2023 10:21:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMfXCDuc-iQ99byvS00qpao&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame 4EA1 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 01 Nov 2023 10:21:54 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2467632124578826382
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 02 Nov 2023 10:21:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 4EA1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4EA1 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EBAC4A8B-CC68-47A3-947B-48FD3919AB8C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fzCCZM1E2uUvPeoqxxBakcY5MAGjPME-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fzCCZM1E2uUvPeoqxxBakcY5MAGjPME-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fzCCZM1E2uUvPeoqxxBakcY5MAGjPME-~A&gdpr=0
date
Thu, 02 Nov 2023 10:21:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5eee3ca7-0f05-4c29-b836-502b2a6ae866-65437842-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4448450027908307853&gdpr=0&gdpr_consent=&us_privacy=
1 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4448450027908307853&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4448450027908307853&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=419ebc7d1d316e8&is_secure=true&networkId=17100&version=1&nuid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAII1ZTErDMUAMAzEINAAAAAAA&expiration=1699006914&nuid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:710fffe7-94d1-4874-a871-7a00cd1ce488&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 02 Nov 2023 10:21:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
getuid
cookiesync.api.bliink.io/ Frame B876 		24 B
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.65.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-length
48
content-type
application/json
date
Thu, 02 Nov 2023 10:21:54 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
3
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F3E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv022nf-C9mC8iltO2uSnzmM6SazGJHh6qvejBK3jhnPXcay9YC9V8gU5yKtet7bMZu-TXvO4owwGn2Yzs6pcsuBW7LU5pzog0WfGdQR2IQQo81i_GkEkHTltS_0_ME&sig=Cg0ArKJSzA2r96D4I2u_EAE&id=lidar2&mcvt=1118&p=1110,315,1207,1285&mtos=0,1118,1118,1118,1118&tos=0,1118,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=7&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698920511550&rpt=1671&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B014 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHLHqMZYo-1m-hX-79kteD74pIlvzdVmrg7vjx-4-FiGc8V9FXr8tFsPWfxDRJe5gWJNH-dr0ac3W8Btel3sr_qqUfk3UzJBi0TVrtVuEfCJG7dWJo_0OkX7z_fbTe&sig=Cg0ArKJSzHc10OuF6vXuEAE&id=lidar2&mcvt=1122&p=60,236,157,964&mtos=1122,1122,1122,1122,1122&tos=1122,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698920511513&rpt=1713&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 26C0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-4NfKEHBxizNWb1vd2M6OgoTa9dZ7GnK8Vb2vZRnpg7HTlbqLtVQBoX03JF3k5NCXgJP-aKOAIeHkFn0RbkTmrN5FrXxRJbi-hB-2nqYh3DT78alD2hsmsgZhkCtdBRaFpUYc5-V_7MMCRr1OqNxULeP0HJpwg8ag_8RJnPHuo760quvlFs8U5hwlYZ4XI-i5HSEfbypw0oWgKqNAWl3QLlf_AXmvgLYA8w0f_uYWNuadULQatVKnvrIEiCN4HAUnsKT2A&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 02 Nov 2023 10:21:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
341aa76c3feeccdb66e7d06d8269eac
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 172D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/341aa76c3feeccdb66e7d06d8269eac?gdpr_consent=&gdpr=0
0
712 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/341aa76c3feeccdb66e7d06d8269eac?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81fba74088823b5e-GVA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 10:21:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 02 Nov 2023 10:21:54 GMT
Expires
Thu, 02 Nov 2023 10:21:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/341aa76c3feeccdb66e7d06d8269eac?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1698920514497064-591
khaos.json
token.rubiconproject.com/ Frame 60E3 		7 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOH1ENG5-O-8APL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
csi
csi.gstatic.com/ Frame 090A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~loh1eqeb&c=754028308899&slotId=377014154449.5&qqid=CMPu1I2MpYIDFZHg3godY7QLGA&gqid=QXhDZZbgG6rQzAap9qvYBQ&fb=ima_html5-lima&sdkv=h.3.599.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ua_e=1&met.4=ghmsh_s.loh1eqf3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 209C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231031&jk=3372074091963421&bg=!nJ-ln9DNAAbo5yKYyOc7ADQBe5WfOKD33RBY38qOqMwPsplI9iHV5tBSNAxxx5H2IR8dIr9EtRWWQDpW2h7aT8jf0WRKAgAAAPpSAAAACmgBB5kC0tkj_Yvu_H7Khyz66XO5b321bqmCqsMSgaB9T2honLiMOH1LiRhHk9x3OrrD6kW38mMw7WVUSr66rPzzVYuSPJIh1GAkYU75071s9FqJaBwDumS7_Oji-px7X-TP6o2fu_RPkHXAu4f6i24-wRJhhpAM3gcF0oTpN5afZ4tddK46uX1zv1nzSBHIoHZHarjr7Q0OKa1T4jtfuKlAlL9O8_2FScX2DB3K1rvpavALiRgCddFQ2S7L1QXD5F8LPOmXCIxDmML56IpeorMmgo2K8WL3VM-TfQRzq_TSeGHTO4YAgGxWm0ZjmMyjXo63MPQMX3to6TjxXUiAMUfLPbb9WTGy1-WPHqGzZ8ttAq9zFaDTWAWYq9ECbCEr_ZWg7VYG4KGf7zKR_iGUoNVoSdkIT_gEoHFwNa2Y6iqLF2BWoB8w2AGV4cdwNnnlh6PGhlz98YcsSHAo4S7Ti0EcZm_0tn80BoRb0UAmQCNbjpqLDmDRcdWSIbxLiklYs7NQeHdNtSJn_jZHx2_5LGcqfpwsSOpiVkgB_Wl4Gm4WGeY4k4wC5Q9eNhi56zqbyW8kB7dsRxrt9rtyEEqeFm7dxe5vtEDIka2ZSex1Vxwn2LpdOXbdIREPQagvh8g9_g8NavizQ2JAmRClOcIbojegDtuls98sm_cFOLVYb-9GiZLuSFOAXmKIRUf6EddmN_0J7bi8obf6S5E3Ke4gC2ccTv3oCN9b81UdM7mBumIrl2CFUhXk_mQrh7ZbFzM4xPPrE72oiPnU6HPBmP23ewijSUpE6KWOW9qk0R-rONhxoveaPrmYtbNrA7CIuSCO-QelBIzSCVsOjBCONCLKxXs7s_Iku9pAusOzu_EiKKbB4D9qTVxgaTNgBHdWsKpoZAvQftNt38yfi6mfmeAZUBFdcqMmtC_RZucTCTwjOODgPnQwpNDDZgCOSkV0wz21qDsk3MYYY-dD
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync
usersync.gumgum.com/ Frame 60E3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOH1ENG5-O-8APL
  • https://usersync.gumgum.com/usersync?b=mag&i=LOH1ENG5-O-8APL
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOH1ENG5-O-8APL
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 02 Nov 2023 10:21:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOH1ENG5-O-8APL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
async_usersync
ib.adnxs.com/ Frame 26DE 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
an-x-request-uuid
86fd4025-df73-47e4-8b38-4aa1befda038
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.220; 185.195.71.220; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtct_adp_lib.20200515.min.js
js.genieessp.com/j/ Frame 2E64 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1551001
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:54 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 03:22:42 GMT
server
nginx
etag
W/"652cac82-411a"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Nov 2024 10:21:54 GMT
cic
ialaddin.genieesspv.jp/yie/ld/ Frame 2E64 		43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/cic?cik=ebDh_C-B0cwMBvXe7FGE9p1p-6Zl-yY0woHVPETslUlCi79JgMaz43dqElVeJiszpEVq3LMys8N9LPjzYQ3NpxjvHgk&noas=11030163
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.13 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p013.net133186012.broadline.ne.jp
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 090A 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=Cf3ljQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTjA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttdWktr_kdv5-S1KRc-0I9iv9lSCDMZ8WXqn24SjoYiiHR5TLebMNL3vawUQ8Q-MAE1qDI_7wE4AQBiAWRtvqfTaAGVIAHzeiR7AGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOrEJXlK34R33986ACgOYCwHICwHQCw-aDQEPqg0CQ0jIDQHiDRMInuvTjYylggMVkeDeCh1jtAsY2BMC0BUB-BYBgBcB&sigh=SM9mvAfMiuM&label=video_ad_loaded
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:54 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 090A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=COiRsQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTgA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttLWif_fk3Z7UAU3jL7KWqvSPkT8JlaeGdBneWUp_YEyYzRpDwQNvOJ3mntsAE1qDI_7wE4AQBiAWRtvqfTZIFEAgSEAUYDzCe4siS6pj3tRKgBlSAB83okewBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCkmQKoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJSGh0dHBzOi8vd3d3LnlvdXR1YmUuY29tL3BsYXlsaXN0P2xpc3Q9UExDa0xLVThCbUllU3M4djc5bWdHeTJTaGd6WC1iUVk5c4AKA8gLAdoMEAoKEJCQ06y9mJHPVRICAQPiDRMInuvTjYylggMVkeDeCh1jtAsYwhMGGJuX7pMC2BMC0BUBgBcBshceChwIABIUcHViLTU4NTUxNDk5OTg5MDM5NzYYu4l2&sigh=10X0GGOzLD8&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSPADICaaNiiKQ9X8_NtRpdLUAvNLRyqUh3B8eMyGLF0I8RgvKI2TrvOJ3n3OZ3J7VSQ8LZbHQjxExY_9Q5BgB
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 090A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 16:41:03 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 090A 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CE47GQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTgA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttLWif_fk3Z7UAU3jL7KWqvSPkT8JlaeGdBneWUp_YEyYzRpDwQNvOJ3mntsAE1qDI_7wE4AQBiAWRtvqfTaAGVIAHzeiR7AGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaoNAkNI4g0TCJ7r042MpYIDFZHg3godY7QLGNgTAtAVAfgWAYAXAQ&sigh=uL_nWpkGZkM&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=vast_creativeview&ad_mt=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 090A 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CE47GQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTgA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttLWif_fk3Z7UAU3jL7KWqvSPkT8JlaeGdBneWUp_YEyYzRpDwQNvOJ3mntsAE1qDI_7wE4AQBiAWRtvqfTaAGVIAHzeiR7AGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaoNAkNI4g0TCJ7r042MpYIDFZHg3godY7QLGNgTAtAVAfgWAYAXAQ&sigh=uL_nWpkGZkM&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=part2viewed&ad_mt=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
www.youtube.com/api/stats/ Frame 090A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=30&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=158&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=SXfcWQSeitzbPc0g&docid=EmvcxqJSMR4&visitordata=CgsxbzJwOFBOZHBjaw%3D%3D&of=Ccg5UgwBk05OqDbmklOISQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 090A 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CE47GQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTgA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttLWif_fk3Z7UAU3jL7KWqvSPkT8JlaeGdBneWUp_YEyYzRpDwQNvOJ3mntsAE1qDI_7wE4AQBiAWRtvqfTaAGVIAHzeiR7AGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaoNAkNI4g0TCJ7r042MpYIDFZHg3godY7QLGNgTAtAVAfgWAYAXAQ&sigh=uL_nWpkGZkM&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=admute&ad_mt=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 3803 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
174079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 10:00:36 GMT
expires
Wed, 30 Oct 2024 10:00:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
eu-u.openx.net/w/1.0/ Frame B212 		795 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Requested by
Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c32f8c54528d1fd6592597f8e5355fafcead49ee585a387fe446eb6a898f7910

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
458
content-type
text/html
date
Thu, 02 Nov 2023 10:21:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 3803 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 09:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 09:49:33 GMT
sd
us-u.openx.net/w/1.0/ Frame B212
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685630498578664
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685630498578664
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685630498578664
Date
Thu, 02 Nov 2023 10:21:55 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame B212
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUN4QgAAANjH7wBC
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUN4QgAAANjH7wBC
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mxp6920-MXP
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698920515.146451,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUN4QgAAANjH7wBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame B212 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame B212
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AAEWQE7KhvAAABe7vLWZ2g&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AAEWQE7KhvAAABe7vLWZ2g&id=537125688
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AAEWQE7KhvAAABe7vLWZ2g&id=537125688
Date
Thu, 02 Nov 2023 10:21:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame B212
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=2caf19bcbc4c16b1&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIQNMhaWAb5gNsLW1yAAAAAAA&expiration=1699006915&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIQNMhaWAb5gNsLW1yAAAAAAA&expiration=1699006915&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIQNMhaWAb5gNsLW1yAAAAAAA&expiration=1699006915&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame B212
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=_npTEel5WHNtX_XPbHsnNLnDR9w
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=_npTEel5WHNtX_XPbHsnNLnDR9w
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=_npTEel5WHNtX_XPbHsnNLnDR9w
Date
Thu, 02 Nov 2023 10:21:55 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame B212
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Imtsm6xnhbWCFqDQvxVDug==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
69fa80e3-954d-aed2-55b5-fa92935bb449
pr-bh.ybp.yahoo.com/sync/openx/ Frame B212 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/69fa80e3-954d-aed2-55b5-fa92935bb449?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame B212
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=650e328f-9a59-41ee-9574-4c21fdbf254d&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 02 Nov 2023 10:21:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame B212
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=xkgG0zfu0NftQwbLRi5u&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=xkgG0zfu0NftQwbLRi5u&pi=openx&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=xkgG0zfu0NftQwbLRi5u&pi=openx&gdpr=0
pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT, Thu, 02 Nov 2023 10:21:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3803 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.599.0&bgai=BHz6QQXhDZYPKHZHB-wbj6K7AAQAAAAA4AboFEwjWhNONjKWCAxUqKNMKHSn7Cls&bg=!k5ClkN_NAAbo5yKYyOc7ADQBe5WfOLazdkur5fJ3ekthtbXpi0DVa5vzWmhx0ssbp39Q3miqIGkcFFYp_CIzBh9Y7vyEAgAAAG1SAAAAA2gBBwoAUfT3eoVODSVgGFn2HX70E0Pi-T_a2bfLWJgaN6GpPnfu1EC9H0oertjTS9qAZq8bGPSG6KJhtCOPdwls_OrsZp9mDZhRTEi6r4XkTX45MXgGKpkCMP6krhY-an-AIojAyudnIotpbDoc-fSY1LbCUWwtIDXHCkqBTrNnEMVoPz5Iu7YWDy_bng4uThqqQ7idn-McGFODy2gzc1ZyYi3pDctoY89A4rrqZvFmJbLtdSAYmgdVLzkpNlp2HSPKIFRyyn-X8Tu8PhpHxVkBwOIM3YkGQcm4HTesR7bOR-8SeRXp01MtmC0OzL7Jav-VG_wHf2HPCusCZI685cn9qZO0VmwsNFmxWcROwjQSonEW1-fXxslb7eirESsiw7TD2EoQ_Xfo_It1Xm3DAlW8lQctamvkxvV2qWddEzNyhiJM9i-QM4ApGjrtWbZ31ImNyw2GrqmWO0DcPaGRrucIWpNB8l0y41OhpGz0atg25UWVNKF6IaaYwS7Ikb-R2TjLu1hHeV6yES2Cj02-coMHM6_NGNcBu4JdiSrDuAkMmxT4sOowDtMOk4zpxzcfQeLV0VYvEnh8Ya3IfiB9SIHtz0aMKgCaLY9xosPPEXKaW9aoI0W5_amYJEzrCI1pbvxRQFh1U7z_laybMv6aXAwru4iu7YLInluFbHDmn8r4HrsHssrOQjSUFUYJwjDTL1K0R4OdiF09WWJ6me2fsEXuFRIzdaD7u79seCD-B7OhKYZmAi6AE3eyMU5kYJOw4EU2DvSi1SSzytjmWKczDY38blaGe30oRY_8o36tdHNjV9ioDjl49SWIoxAiCJeM8H9NKpZ3gyPZx9weDZVhnJy_Y4kH9EYgxp-C
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1698920516333&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1565&pt=-87615671&tz=60&viewable=true&ddast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
595e14790d176a03c0bc4bd57675f4b49e538215b711dcbc8d475842e61312dd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:56 GMT
content-encoding
gzip
server
nginx
machineid
1404
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4EA1 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3au1v886690812&_p=1326638089&gcd=11l1l1l1l1&cid=299927836.1698920509&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698920512&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&dt=%E6%B9%96%E4%BA%BA%E3%80%81%E7%B1%83%E7%B6%B2%E8%81%96%E8%AA%95%E5%A4%A7%E6%88%B0%E5%B9%B3%E5%9D%87%E7%A5%A8%E5%83%B9%E7%A0%B42%E8%90%AC1%E3%80%80%E9%80%99%E5%A0%B4%E8%8B%A5%E5%8F%96%E6%B6%88NBA%E6%81%90%E8%B3%A011%E5%84%84%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=15
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4EA1 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31932817&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
bbde607ee0e4a2381118b522f40cc9fa84a59909474c37c9b6622237e6877500

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 02 Nov 2023 10:21:55 GMT
content-length
1242
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 8010 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
ad.mrtnsvr.com/sync/ Frame 6F1A 		0
0
pub
matching.truffle.bid/sync/ Frame A2CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 02 Nov 2023 10:21:57 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame C7FC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48C6BEFFDF2146F6962BF9F1B8B41114&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48C6BEFFDF2146F6962BF9F1B8B41114&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 02 Nov 2023 10:21:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 02 Nov 2023 10:21:57 GMT
expires
Wed, 01 Nov 2023 10:21:57 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:48C6BEFFDF2146F6962BF9F1B8B41114&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 7F39
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3921084277
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3921084277
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 02 Nov 2023 10:21:57 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 02 Nov 2023 10:21:57 GMT
etag
RX1622b3b5b5a24f88acc27bbc1a279626003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3921084277
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame B224 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.177.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-177-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 02 Nov 2023 10:21:57 GMT
mw
mwzeom.zeotap.com/ Frame 4EA1 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81fba75179a93b5d-GVA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 4EA1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:22:07 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:22:07 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4EA1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:57 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8EFC 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37479617&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 02 Nov 2023 10:21:56 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame BCB4 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 02 Nov 2023 10:21:57 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame 4386 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 02 Nov 2023 10:21:57 GMT
Expires
0
Pragma
no-cache
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1698920519221&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1565&pt=-87615671&tz=60&viewable=true&ddast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
075ba96218344d16eba626d3398e61be138b72c96d100cdc3bdf87b769f46531

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:21:59 GMT
content-encoding
gzip
server
nginx
machineid
1475
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4EA1 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 10:21:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame 26C0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-4NfKEHBxizNWb1vd2M6OgoTa9dZ7GnK8Vb2vZRnpg7HTlbqLtVQBoX03JF3k5NCXgJP-aKOAIeHkFn0RbkTmrN5FrXxRJbi-hB-2nqYh3DT78alD2hsmsgZhkCtdBRaFpUYc5-V_7MMCRr1OqNxULeP0HJpwg8ag_8RJnPHuo760quvlFs8U5hwlYZ4XI-i5HSEfbypw0oWgKqNAWl3QLlf_AXmvgLYA8w0f_uYWNuadULQatVKnvrIEiCN4HAUnsKT2A&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUN4PgAKahED5_5bAA_SHCvjjsRs3i_lxbznng&u=%7CN9udx8bucqgnu6sA8P1%2FAdRUOgreDv9TlTfTpjXcmDg%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjvySoi8EfocecFMWbk6KpysMnL1DYBHAwoZh0NDQwBgri6BSwC0EKzvlaIgmZD8iq5K-43uCctEyhge45ATv7m1sQM1PABCYEboc30pLhnKyhYJJrHvUANfPA2AWjNSqIUrf_WLtDhgScMpFmigagGglfp5AnVAmlhfC9ycmPnA_cLn8I8Pl526S2IYwoNjbawmwJJdWRxFJ4C_iEMOhMtjpKOIfvKvTVWSFIz-L2kSuXyanL_4Q2TFEJKhGmWQjkPaGDkWDppqVw9TsuhehnFw99eoa4N7hw2bQrrO991fCkq3KJC3nHJCvH6_aD7btYDYw2hpVwq9H6UgTwdYTT3cEhh5AYn3cm7QmSZm2HIgBjEWgidDh3rN8JpmKlHlq4hukzzaS3B599d3IgmFeMbOSmqD9BJNxW0g1P-bAS0oHJMnOQDcRStjznLt6vCJ8nqLglgjQsaHFuuDRqEgiyHb7-V1V0FYx7a-uB1BcoAD7Sbb0E2hKAln8GE8WvLV15MwWa72HhNnWBMYjclhhjpNtuuqpkl7YI1hVY1qFSEnugQ3EUJb-fas&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRshyPnhDZZHUKdv8n88PnKS_0AfJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC6eOtciK8sT6oAwHIAwKqBNgCT9BB8t_F02gzPoWgQ6Nxkm6sWIeYporfXVyN8v4i1qDmStHPOhqPC4RG9NX2N2--JZqVbQQfz32kYMBHQNLMh0skuM875Oztc4vzAUK0HhhNOYSsjf7XD9tf6w33tN_R9HfvBkcb7NNJgtW9Jmvi9xXYzbf5lTfQfIl41UR10tHjFBP2D2xo9BHqtguTZHbsXwBO6uTm4P8XmQ_vLN6b7RFF-rlEKPy17LVPgt7ZB93IL_mz_U4sGOE00tzWRgtp2OIb4gpMWIOHBcEaRrGJKfYlCx2oQZ_x8Zdl2VjVLEC9cnfOhu2vb_uz67i4QPkedZIF66Bq6Avi7uy2H18VW2mf3Csligaltg4bD79zRP8QxKHnC2fmZXST_CIAoYb4aUvJB14SJ--rgr9yC6Wzagv-ZZimC3d5MDIG7vDFfM9GEqwBJmaf1d7kHTMavu9DJbCjCPuF9XmABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Hip7w0TYpNJnu-mzmqd27yuvPFw%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 02 Nov 2023 10:21:59 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 090A 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CE47GQXhDZYPKHZHB-wbj6K7AAbToj_xztOaSgOAR353KhbUJEAEggM_UfGD1BaABm5fukwLIAQWpAh5QJaEPXMY94AIAqAMBmAQAqgTgA0_QBulhKj8HihJ8JvWCYEru6sHW6Ak8APawVzVM5x-BMDrRIwdVHoBXswPZKpuasz28qaTUz4jvILZzqr8IvgwKgnHZWpfaf4260vxB5zyoLkeNc1WGfGgz0nUDFcs2Uv0fTN1AvZ9IpNwLPXbxR-S7yBrH_Q60JD8YMTXpOoKlbvh0NvCuwIoYQkb9knrNEVhHgx_7aNhgmenz0kxmLer-PMXJeflQVmzwDG1MjZGVB0vVLN9pUMWUrDBjs3woLRNKGJIOGIW7kKMiUhSt_NAmWhZ0avmpcJhs6oKF1luQwv6iDTIDTQQNaoS6e-tEb3lKJ1_BWS8xQP05viJMCTW2XL0HEF5QaQpXlHWFP_iXFrLD__yGF4tAo8pk6JtypswhQSjXSfPwnkAR__9M0R_zmzq0FCRTIBwTiYyWM7-PBB0Jns35PBf5cbqDXtiIACWSPgA4O_p45oSFKQTReaU-aHlPGNPOxoIcOPcQ-mTT8fWElZZ5EZWiRpXN89E5Hn_jHo0XF6Df3nR8nv8l7HPVVdsI9HCKdiUIi11CgGjC6DT6TkiouvjOpmUsmffcG_0CXUttLWif_fk3Z7UAU3jL7KWqvSPkT8JlaeGdBneWUp_YEyYzRpDwQNvOJ3mntsAE1qDI_7wE4AQBiAWRtvqfTaAGVIAHzeiR7AGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaoNAkNI4g0TCJ7r042MpYIDFZHg3godY7QLGNgTAtAVAfgWAYAXAQ&sigh=uL_nWpkGZkM&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=video_skip_shown&ad_mt=5206
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:22:00 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1698920522217&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1565&pt=-87615671&tz=60&viewable=true&ddast=V8p0wCLAaMkYzM8QL9IBMYIxmZ4wX6QS4AAABgYID-AEluDJPBYLRYqzYL51q0nHjcCofFs1YsHIvBZjiaDFeeISCh0cK38o2Ga5FpOViLVquZWzgb7taKhWe5GK1sltHMOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8Qtdb8rK7xQ67W_ew-9yao8vuc4scdrfI4ZYeHXa34Gn3uaWuu1vwdPjdUqfLLfi7JWu_W7GWHl1ujdFh97klr79b8XoLnw6_W25xeP12n1vwcroVi-XTLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAp4izACAAAAkDt8xH1kkk5QsagCAECQbgXgCgBAwOJjI2xJGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSCysdgmM4dxNxwsJzPHyLmwOSa74Wi5nDgmHo_LexIlI13f1qr9-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHAZDQYjmaLtWA1GqxFm83CrbC4TG6FzWLbLBYbx8TkWYteH9PHs7GZLB4vEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXNhbbZOYw7oaD5WTmGDkXNsdkNxwtlxPHxONx-QuT0WA4mi3WgtVosBZtNgu3wuIyuRU2i22zWGwcE5NnLXp9TB_PxmayePyN2XK4nAxWg-G-MVsOl5PBajDcd-gM39XnbFSWVZKPTmSYbs_TmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinaiWi-XKslitNobBZriaLYez5WqwmXgsJtNu41lMxBKl6SKd6BV-oestedndYofdrXvYfW7N0WX3uUUOu1vkcEuPDrtb8LT73FLX3S14OvxuqdPlFvzdkrXfrVhLjy63xuiw-9yS19-teL2FT4ffLbc4vH67zy14Od2KxfJpF5reZov6jxxiuJorlqu5bjGXTAarBAAAAAAAAABgCaaZbgIAAADgZFDDzXCxWi6Ai6AsXcAmAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG3mGUGs1WpZAwAAEMAGAAAQwE033gS0R3L2AWFFHLlS6IXzI8jBarh_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
595e14790d176a03c0bc4bd57675f4b49e538215b711dcbc8d475842e61312dd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Nov 2023 10:22:02 GMT
content-encoding
gzip
server
nginx
machineid
1419
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/ccdcd2b98f8188397fd99e8c7144e7b2.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/e8882cff341d574157c88cb9063a4d1b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202108/bb9ada5f9e738b3f53fcf899614a162c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/85da8136d7fd03b97e524494fd2dbf81.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d86fec56efcbd6586a9d9382879e71c5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/f82cb90d6b0fbc0f74d36a5aeb109350.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/631301e1711a7bc0f86c220178fcd36a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202012/e56105ece9d2a3d9670876c981fa355b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/db7a64218d7e4b57fc5ee8ae9a7c77ca.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/94296caa1c581cb363af0a23cce6119a.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/348cf941f6aeee1af0ba0ac18d4e6f83.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/aa39faf6b4280143b69a66f970306e85.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/58ff62de9ac8ef5e3d55e99f95cda08a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/846f91d6fd3fd30ebe5df55c02422e0e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/44953545b63a44398d620b70bf150cdc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1b53eb39b80b74b843aad08b7ddfb4c4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/bedcf6190a4a54ab07da232011e0757e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/3d0f31eafd415c4432660a5a60988972.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/eea5db52e3a3b3c32418509a70883cb0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/556e50590022ec7f928dbaa8b1aef30a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3b50d0c41d8a83fca8265ce0e00e01bf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/5e103ce1c89b25ef956359c73b8117e7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8c723cf740c8514748ca479921779bca.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/34e40d5748d34a17250d62f585821f8a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/f7f16ccbef533c95bd8f97e246bf5d6c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/71716654d50f07aceefecae6f495aa91.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ae637c79e18ee2a593e98499558784df.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/daea66ba1cd822bf2b0ae48f24828244.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/489eb1289ecb7267c84a8efb0a0034f7.jpg?w=150&h=100&q=100
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP function| _statcounter object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| _typeof object| TRC object| _tblConsole undefined| msg object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| adRecover object| ucf object| request string| paramsString undefined| google_measure_js_timing number| google_unique_id undefined| $ undefined| jQuery function| jqAlias function| setImmediate function| clearImmediate object| aries string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags string| nam object| placementData object| google_reactive_ads_global_state number| vidverto object| regeneratorRuntime object| aries_registry object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions function| inView object| cmTag function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| _cm_wfCounters string| lastWfUrl object| _aries object| inViewWindow object| google_ad_modifications object| google_prev_clients object| vidvertoPromiseCache object| closure_lm_700262 boolean| noPreviewPage function| startCMTagMain string| category function| VidvertoPlayerVideoPlaylistUI object| closure_lm_943766 function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| closure_lm_423120 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

205 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCzFg
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1698920508.3185CD9D89DA4F5B0BCB54C8EEDD5495.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1698920508.0
.statcounter.com/ Name: is_visitor_unique
Value: 1698920508103237318
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1698920508.1.0.1698920508.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.299927836.1698920509
.bg3.co/ Name: __gads
Value: ID=c74022cbe5ac516c:T=1698920508:RT=1698920508:S=ALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg
.bg3.co/ Name: __gpi
Value: UID=00000cb124cfc69d:T=1698920508:RT=1698920508:S=ALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnyHtckoVdK-f2EM3FPeJZJUWfwyiITV67PlQex0toQseAjVLT0J4rl3U5z-eY
.aralego.com/ Name: sspid
Value: 05e3d8c7-6920-3f1f-b93f-555ad1482cbc
www.bg3.co/ Name: __AP_SESSION__
Value: 05068ce0-fd2b-44de-81f6-6511c6307d02
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D02408461-0540-433a-abed-afb6311c1bd3-tuctc3cfdbc
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 5ff56fd3-bba8-4317-b99f-f049bd1493e4
ad.vidverto.io/ Name: moxuuid
Value: f415c98d-f000-4f74-8052-d8d05d56b8e6
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1699006909
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1699006909
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1699006909
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1699006909
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1699006909
.aralego.com/ Name: euconsent-v2
Value:
.teads.tv/ Name: tt_viewer
Value: e47edc1f-ce5f-4b30-954f-eb61880f0eca
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: a007833e41e0bdc4d36d22598fe234cd
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwvvCNqgY4AUABSAEQvvCNqgYYAA..
.adnxs.com/ Name: uuid2
Value: 553898122509061949
a4p.adpartner.pro/ Name: apuid
Value: 3dc0edf3-0f99-40c9-8368-7a0a8c21b5d0
.prebid.a-mo.net/ Name: __amc
Value: 2_1698920509_1698920510
.bidswitch.net/ Name: c
Value: 1698920510
.bidswitch.net/ Name: tuuid_lu
Value: 1698920510
.bidswitch.net/ Name: tuuid
Value: 650e328f-9a59-41ee-9574-4c21fdbf254d
.yahoo.com/ Name: A3
Value: d=AQABBD54Q2UCEL4chTcFfKMEdVzMiMYT0ssFEgEBAQHJRGVNZbti0CMA_eMAAA&S=AQAAAnpYux4avc-00DIW6gZyzlE
.smartadserver.com/ Name: pid
Value: 6075063565185387860
.ads.stickyadstv.com/ Name: UID
Value: 341aa76c3feeccdb66e7d06d8269eac
.rubiconproject.com/ Name: khaos
Value: LOH1ENG5-O-8APL
ad.vidverto.io/ Name: adpartner
Value: 3dc0edf3-0f99-40c9-8368-7a0a8c21b5d0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
ad.mox.tv/ Name: onetag
Value: yQ2cyt-dFgPj34rVvgyM9vA6s3EpQ2kITwlj4eAlI8s
.criteo.com/ Name: uid
Value: 56af5f7f-0285-464b-8928-a0a28530583d
.360yield.com/ Name: tuuid
Value: 9c862516-bac4-4675-8fc3-65c5834d9915
.360yield.com/ Name: tuuid_lu
Value: 1698920510
.quantserve.com/ Name: mc
Value: 6543783e-975b5-f6aae-c9b09
.admixer.net/ Name: am-uid
Value: f9b3236b921b40f48201db5558b64937
.bg3.co/ Name: __qca
Value: P0-189277612-1698920510127
ad.vidver.to/ Name: bidswitch_com
Value: 650e328f-9a59-41ee-9574-4c21fdbf254d
.adnxs.com/ Name: anj
Value: dTM7k!M40DF7/.XF']wIg2InAd@e`:!]tbP6j2F-.aDyjByG0>mtJ[qi.0Mz@:gP2dH2mwD2q$A@K[=Z:4=sB!%n!hFI2$7
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPSDFFTkc1LU8tOEFQTCIsImV4cGlyZXMiOiIyMDI0LTAxLTMxVDEwOjIxOjUxWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTAyVDEwOjIxOjUxWiJ9
.amazon-adsystem.com/ Name: ad-id
Value: A3m0a4fbs0ZqsSjL7MypKuk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AAEWQE7KhvAAABe7vLWZ2g
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: bcookie
Value: "v=2&78b0f4bb-597f-466a-8f88-6373ab421021"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTg5MjA1MTE7MjswMjG9gTbPBUWBQT8l/0nbZE8kbiyWK2N4m8VqdqOHLkjZ/w==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3075:u=1:x=1:i=1698920511:t=1699006911:v=2:sig=AQHSrWHWkMR1MUCy-rZflqY26H2myp2O"
.tapad.com/ Name: TapAd_TS
Value: 1698920511465
.tapad.com/ Name: TapAd_DID
Value: a4b16a97-1947-4e52-9e62-05ffd0c3257f
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.primis.tech/ Name: csuuid
Value: 6543783f9d668
.ipredictive.com/ Name: cu
Value: 82b8253e-9e4c-4c2f-8dc7-1c24b81b56b1|1698920511670
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1698920512.1.0.1698920512.0.0.0
.w55c.net/ Name: wfivefivec
Value: nVtDKUtY1QYuPK5
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.www.bg3.co/ Name: _im_vid
Value: 01HE7RVEYSP5M3QTQK5ZG6WP53
.zemanta.com/ Name: zuid
Value: MlVfIPSfUxnhBJAcyB2q
www.bg3.co/ Name: OX_plg
Value: pm
.openx.net/ Name: i
Value: 2e91d9fe-ac66-036c-3eb4-248f082b4afd|1698920512
.adform.net/ Name: uid
Value: 2467632124578826382
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-02T10%3A21%3A53%22%7D
.gssprt.jp/ Name: gid
Value: 9ced551972377db578b81fe5b8fbb61b
.lijit.com/ Name: ljt_reader
Value: HlqNrRZHSMHOLqxHSpadjxGI
.casalemedia.com/ Name: CMPS
Value: 3347
.genieesspv.jp/ Name: yeahtargeter
Value: 0
.genieesspv.jp/ Name: rtbhouse
Value: 0
.genieesspv.jp/ Name: gid
Value: 5105d4c7f73d9dfab195c430cc379d5f
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 553898122509061949
.servenobid.com/ Name: pid_337
Value: y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
.servenobid.com/ Name: pid_339
Value: y-MscEXBtE2uGYz6mr4IG03PTuZATY1MnjFloxQYs-~A
.servenobid.com/ Name: pid_317
Value: 6075063565185387860
.servenobid.com/ Name: pid_318
Value: 9P3YYTGBsW_ulfAkf1TipnwmUoD_stPS_14D-_c2_gc
.servenobid.com/ Name: pid_310
Value: HlqNrRZHSMHOLqxHSpadjxGI
.gumgum.com/ Name: vst
Value: e_f71333e6-5083-4419-a99d-229783f10b6a
.minutemedia-prebid.com/ Name: wrvUserID
Value: nnJjlSazkp_mm
.casalemedia.com/ Name: CMID
Value: ZUN4QVPDLrIIuJjPohc2wQAA
.casalemedia.com/ Name: CMPRO
Value: 3347
.servenobid.com/ Name: pid_353
Value: 0000EEA
.w55c.net/ Name: matchcasale
Value: 5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjCxtDA1tzAzMxHiM9Q18yoxz3D0DzYsScsHAFinluQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjCxtDA1tzAzMxHiM9Q18yoxz3D0DzYsScsHAFinluQlAAAA
.servenobid.com/ Name: pid_333
Value: ZUN4QYbloBxhLaPfbtESqQAAFDYAAAAB
.servenobid.com/ Name: pid_309
Value: e_f71333e6-5083-4419-a99d-229783f10b6a
.servenobid.com/ Name: pid_324
Value: 5142336726074175109
.go.sonobi.com/ Name: __uis
Value: f7a5dc85-de93-4a01-8f3e-085057490da3
.go.sonobi.com/ Name: HAPLB8G
Value: s86111|ZUN4R
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a
.onetag-sys.com/ Name: OTP
Value: C-YL9CpXeURUqy5WgFjIlZJtD9deyFgzwzUutDi0U2k
.3lift.com/ Name: tluid
Value: 3154585111740024045296
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUN4QgAAANjH7wBC
.servenobid.com/ Name: pid_348
Value: nnJjlSazkp_mm
.contextweb.com/ Name: V
Value: 8NDkw7mAqeFP
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9a1c6d9525331589
.yellowblue.io/ Name: wrvUserID
Value: -2Jj2SazCp_s
.c.appier.net/ Name: _auid
Value: LtGA5kfjD725GJxuQnhDZQ
.creativecdn.com/ Name: u
Value: xkgG0zfu0NftQwbLRi5u
.creativecdn.com/ Name: ts
Value: 1698920514
.metadsp.co.uk/ Name: ruuid
Value: 739a22a8-e894-494a-adac-314eb70ccae4
.metadsp.co.uk/ Name: c
Value: 1698920514
.metadsp.co.uk/ Name: ruuid_lu
Value: 1698920514
.servenobid.com/ Name: pid_332
Value: f7a5dc85-de93-4a01-8f3e-085057490da3
.audrte.com/ Name: arcki2
Value: 89eT-cyADFYRn-86Uixz8MX7w!20220908!1698920514250!ip#185.195.71.220
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMfXCDuc-iQ99byvS00qpao&KRTB&23025-CAESEMfXCDuc-iQ99byvS00qpao&KRTB&23386-CAESEMfXCDuc-iQ99byvS00qpao
.liadm.com/ Name: lidid
Value: a5583b5f-ab35-4d4e-bda1-e3eab057d642
.turn.com/ Name: uid
Value: 4448450027908307853
.quantserve.com/ Name: d
Value: ENkBEQGqKvijCJiTAA
.servenobid.com/ Name: pid_352
Value: -2Jj2SazCp_s
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734.y3mZU9MH0U2KUvV36gnMcphg5n4DvkPAIFyIO9PXhCU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fe7a5311-e979-5873-6d5f-f5cf6c7b2734.y3mZU9MH0U2KUvV36gnMcphg5n4DvkPAIFyIO9PXhCU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_npTEel5WHNtX_XPbHsnNLnDR9w.FkokuDS7pLE9wFHDRIeIXhIFPtT%2Fby6PPknTHsszXuo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A_npTEel5WHNtX_XPbHsnNLnDR9w.FkokuDS7pLE9wFHDRIeIXhIFPtT%2Fby6PPknTHsszXuo
.mediago.io/ Name: __mguid_
Value: f34e9699548636d0211rhh00loh1eqme
.gsspat.jp/ Name: gid
Value: 8b10da0a9c270f7cedf38f6f22e2ced5
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: be5fb09f-bab5-5232-97fd-7e91f2be06d3
.betweendigital.com/ Name: ss
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-NcTA0TTJx4cuyMPXYcTZhDWQlYcuks2AM8jaJOyQ&KRTB&19420-NcTA0TTJx4cuyMPXYcTZhDWQlYcuks2AM8jaJOyQ&KRTB&22979-NcTA0TTJx4cuyMPXYcTZhDWQlYcuks2AM8jaJOyQ&KRTB&23403-NcTA0TTJx4cuyMPXYcTZhDWQlYcuks2AM8jaJOyQ
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-553898122509061949&KRTB&23339-553898122509061949
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5109685630498578664
.servenobid.com/ Name: pid_316
Value: EBAC4A8B-CC68-47A3-947B-48FD3919AB8C
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2etm:196n~2etm:18z8~2etm"
.betweendigital.com/ Name: ut
Value: ZUN4QgAHgeC_BBMv5k71myhm79kATEuDkoG_Pg==
.gssprt.jp/ Name: appier
Value: LtGA5kfjD725GJxuQnhDZQ
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2467632124578826382&KRTB&23263-2467632124578826382&KRTB&23481-2467632124578826382
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKII5GKfMO4Pi0-ejx4ZWO-v8CvjKKF9rTRF2l9Mm3BTOVEHwYBCDC8I2qBjABOgTwi70wQgRzW-3o.JFDufZ3bpuhiAWfVtIGBpI63SXP67h1Q%2FPBod0DVsI4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKII5GKfMO4Pi0-ejx4ZWO-v8CvjKKF9rTRF2l9Mm3BTOVEHwYBCDC8I2qBjABOgTwi70wQgRzW-3o.JFDufZ3bpuhiAWfVtIGBpI63SXP67h1Q%2FPBod0DVsI4
.richaudience.com/ Name: pdid
Value: 0b11becb-03f2-4280-b584-1zz1698920504
.audrte.com/ Name: arcki2_pubmatic
Value: EBAC4A8B-CC68-47A3-947B-48FD3919AB8C!20220908!1698920514516
.ctnsnet.com/ Name: cid_958cf0d81db94767b6df0dbb10077415
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7296808046146549916
.weborama.fr/ Name: AFFICHE_W
Value: l1jUiZFIUruX64
.csync.loopme.me/ Name: viewer_token
Value: c6b7c904-c565-4489-91d3-131166e0c8b1
.servenobid.com/ Name: pid_323
Value: LOH1ENG5-O-8APL
ads.playground.xyz/ Name: connect.sid
Value: s%3Acc3dimlSB1RZg6craxmYP-iEwD6fnsSU.4n4MO87CaIl9iRpvH3MGpC4T3ZpGXgx6gznRJCpzZ1o
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-_npTEel5WHNtX_XPbHsnNLnDR9w&KRTB&23334-_npTEel5WHNtX_XPbHsnNLnDR9w&KRTB&23417-_npTEel5WHNtX_XPbHsnNLnDR9w&KRTB&23426-_npTEel5WHNtX_XPbHsnNLnDR9w
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4448450027908307853&KRTB&23150-4448450027908307853&KRTB&23527-4448450027908307853
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7296808046146549916&KRTB&23369-7296808046146549916
.simpli.fi/ Name: suid
Value: 48C6BEFFDF2146F6962BF9F1B8B41114
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003%22%7D
.adx.opera.com/ Name: UID
Value: OPUe9cc62e2508e495bbcd894294fc7814b
.sitescout.com/ Name: ssi
Value: 5eee3ca7-0f05-4c29-b836-502b2a6ae866#1698920514644
.tribalfusion.com/ Name: ANON_ID
Value: aAnwQRqO2c8U2OqnuyrSPsHDIAN6bBvJWd3kryVRQv2pyC8Rik3DFQG3WFGIX0iPEI0SqmDpPP9Wcxu8iWAeQo6VVOYkaU6mZc3TZdsdooAZaZatUNtAMqPVaC68Ogsn
.adsby.bidtheatre.com/ Name: __kuid
Value: 710fffe7-94d1-4874-a871-7a00cd1ce488.468134514
.de17a.com/ Name: guid
Value: 1.6780142541224797239
.rubiconproject.com/ Name: audit
Value: 1|JsOELBuStdZX4A3TgBH80MQJffLZ4Eq463nLbqlnz4/9MbvQsxHvgKvrpTwuMGdz8TBSYdFp5gmM1KxoLazIt6NWShwHx7KI6rocrMY9/A9mqrcN+KFEhE+MEXnny7arBPpxaFynOwna2yCff4pR8g6iGeafBEEf4HnaWo9QX/DTv2VA+YDe1M9sdGeFC9lF
.gssprt.jp/ Name: lamp
Value: 8b10da0a9c270f7cedf38f6f22e2ced5
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5ODkyMDUxNDc0MH0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nrh|7dN.0.AAEWQE7KhvAAABe7vLWZ2g|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUe9cc62e2508e495bbcd894294fc7814b&KRTB&23485-OPUe9cc62e2508e495bbcd894294fc7814b&KRTB&23524-OPUe9cc62e2508e495bbcd894294fc7814b
.us.ck-ie.com/ Name: CID
Value: c3faed346e4290a7c0b1a078d9a3bae62984e507
.audrte.com/ Name: arcki2_ddp2
Value: 89eT-cyADFYRn-86Uixz8MX7w!20220908!1698920514793
.onaudience.com/ Name: cookie
Value: 27773147ecb03237
.onaudience.com/ Name: done_redirects104
Value: 1
.smilewanted.com/ Name: sw_user_params_infos
Value: D7fHxtPNouxd0fI0Zbi96Xyrt2nn7Ygo6gGAxzZifInCf0bnTyhVSIfWWNbLh4zyP2l0t6ixue8PvQaUDdOKbsNtgZ7mFtGn10uo7qnNvMInywQYOrNYjbV05kxcHPx3m5dwS0w%2FxCX1BBaZtqqmgpoIyjK%2FyRWbe%2BnCBfOUaSIf0SrQ7eoYM6JITIei6DQOXSttF8UjNA5Csn%2FMRsH8em4x4pbMjopXsVS2S%2FUE5JZGl%2F3URyuPyJRluXSSD5or%2F0nLMX0%2Fsl2fSb2Z%2F1d5h3umUadfeIVNhkI7dN6gCTrvm0MN3TnT4trpzjQ4KJMJBBWyYlYm%2BTIN%2FATOkpisKR6jyQPJHKwKqYRQtvTm%2BrSaH33l9q%2BjVirRQVSRYHeeoAavVST66%2BkGbffRTMzyi3TONgZKC6e0rl7e5BBQX5AiuU0Is64P5X6roSs%2Fqf1R25pU9TePuvoPvjtYYuIl8Q%3D%3D
.bidswitch.net/ Name: custom_data
Value: IpsvCF9jNkRmaWQ1VElvQWhSMEVYT2cwbnh0S29XRlAlMkZTJTJCR3lKeTZHRk5rZ1BQSkJNQm9tdyUyRkpOZ29NV3g5ekprUUolMkJFQzFlUW1FSnVBQ3dYeGc4ZWJqSTdMQ0NoempLZ3h0dGM3QyUyQnZlZW5qeDJWU3hFRXRoMk1tbVdlJTJGSCUyRkcxeDdFdVFBM2VvR2lHUm9ER3F5dk5ra1NrJTJGZkNEQUE4WkVHZFdmbXY4JTJGanI4bzNUZFU1RjlNZFclMkZoVWNtTlAlMkZBWWJu
.rezync.com/ Name: zync-uuid
Value: 0c2e87b6-9ca5-4c2d-ba80-fbd4766869bd:1698920514.8380096
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 35173e3d9d93849ada1ea497a000bab
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4BAkx2E3IWghVu7ud4RuexgFyb2m-LaWWlR5qz0AIqvvgWSazuEnL6omfk0uuXE6AAAA
.servenobid.com/ Name: pid_346
Value: ua-df1bbf2e-0839-317f-bf39-8a3ac46b129a
.audrte.com/ Name: arcki2_adform
Value: 2467632124578826382!20220908!1698920515010
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-5eee3ca7-0f05-4c29-b836-502b2a6ae866-65437842-4348&KRTB&23418-5eee3ca7-0f05-4c29-b836-502b2a6ae866-65437842-4348
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAII1ZTErDMUAMAzEINAAAAAAA&KRTB&22713-AAAII1ZTErDMUAMAzEINAAAAAAA&KRTB&22715-AAAII1ZTErDMUAMAzEINAAAAAAA&KRTB&23519-AAAII1ZTErDMUAMAzEINAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6780142541224797239
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEWQE7KhvAAABe7vLWZ2g
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Gp1rLOrtXTTTYbWTnjhaYXYT
.pubmatic.com/ Name: PugT
Value: 1698920514
.openx.net/ Name: pd
Value: v2|1698920513.2|iyvQgevNgun0.j8vSgqwksLiSmOsfnswL
.smartadserver.com/ Name: csync
Value: 22:2467632124578826382|127:AAEWQE7KhvAAABe7vLWZ2g|141:89eT-cyADFYRn-86Uixz8MX7w
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XNuRGAMAxE0aEAItdhRpYlWaIbH1AQISElEFIaEWSY2egl-89hDGJqCByIiK_O7_DuHI3j5hJUXDQV8VYze6rYfMkKfi2NkoiKlTZ_p5NGBTDZXVcysePnBA-zmTxWigAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNzE0KwyAQQOG7zDoWTXSc8TLBnylIG1tismnI3evywce7YP3KvsUm7YBw7KdMkN91VIdwQa-_TV4QwBnNSA4XbZmcJ0QL9wRdeq-fttYyjM6zkE-oOEenbJ6LSpG0eqZiPSIhpxIMMvGsnbEPWkiPK9x_yBEmIQ.ZUN4Qw.7xIEscpokbi9vaZYO_3_TfjacQw
.dotomi.com/ Name: DotomiTest
Value: 2caf19bcbc4c16b1
.rlcdn.com/ Name: rlas3
Value: dcbkH76jD4DxzG+wsDcYSXqfQylL6x9evMCS5eVn8aE=
.blismedia.com/ Name: b
Value: 65437843C20C4BFBA577AAE6BLIS
.audrte.com/ Name: arcki2_smart
Value: 6075063565185387860!20220908!1698920515245
.rlcdn.com/ Name: pxrc
Value: CMPwjaoGEgUI6AcQABIGCLbqARAAEgYIuuoBEAA=
.socdm.com/ Name: SOC
Value: ZUN4QsCo8YIAAGWL1dEAAAAA
.pubmatic.com/ Name: SPugT
Value: 1698920516
.pubmatic.com/ Name: DPSync3
Value: 1700092800%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1701475200%3A203%7C1699747200%3A63%7C1704067200%3A69%7C1699488000%3A2_223_15%7C1700092800%3A238_176_166_249_243_81_234_21_251_3_99_264_233_46_214_88_56_55_54_22_13_165_71_220_8_161_204_196_254%7C1700179200%3A35
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1622b3b5-b5a2-4f88-acc2-7bbc1a279626-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.pubmatic.com/ Name: pi
Value: 0:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1698942117382
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zc
Value: d27650ba-9f3d-43d1-63ff-bad81bf3faf4
.semasio.net/ Name: SEUNCY
Value: 3DBD05B18F16C69B

43 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202108/bb9ada5f9e738b3f53fcf899614a162c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/d86fec56efcbd6586a9d9382879e71c5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202012/e56105ece9d2a3d9670876c981fa355b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/e8882cff341d574157c88cb9063a4d1b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/db7a64218d7e4b57fc5ee8ae9a7c77ca.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/f82cb90d6b0fbc0f74d36a5aeb109350.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/ccdcd2b98f8188397fd99e8c7144e7b2.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/85da8136d7fd03b97e524494fd2dbf81.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/631301e1711a7bc0f86c220178fcd36a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1b53eb39b80b74b843aad08b7ddfb4c4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/5e103ce1c89b25ef956359c73b8117e7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ae637c79e18ee2a593e98499558784df.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/94296caa1c581cb363af0a23cce6119a.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/71716654d50f07aceefecae6f495aa91.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/daea66ba1cd822bf2b0ae48f24828244.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/aa39faf6b4280143b69a66f970306e85.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/44953545b63a44398d620b70bf150cdc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/556e50590022ec7f928dbaa8b1aef30a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/846f91d6fd3fd30ebe5df55c02422e0e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/348cf941f6aeee1af0ba0ac18d4e6f83.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/f7f16ccbef533c95bd8f97e246bf5d6c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/58ff62de9ac8ef5e3d55e99f95cda08a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/bedcf6190a4a54ab07da232011e0757e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/34e40d5748d34a17250d62f585821f8a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/3d0f31eafd415c4432660a5a60988972.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/eea5db52e3a3b3c32418509a70883cb0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/489eb1289ecb7267c84a8efb0a0034f7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8c723cf740c8514748ca479921779bca.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3b50d0c41d8a83fca8265ce0e00e01bf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EvaHUtcmVuLWxhbi13YW5nLXNoZW5nLWRhbi1kYS16aGFuLXBpbmctanVuLXBpYW8tamllLXBvLTJtby0xLXpoZS1jaGFuZy1ydW8tcXUteGlhby1uYmFrb25nLXBlaS0xMXlpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698920510&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhu-ren-lan-wang-sheng-dan-da-zhan-ping-jun-piao-jie-po-2mo-1-zhe-chang-ruo-qu-xiao-nbakong-pei-11yi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1698920509835&bpp=261&bdt=986&idt=737&shv=r20231031&mjsv=m202311010101&ptt=5&saldr=sd&cookie=ID%3Dc74022cbe5ac516c%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MbsV9q11-jKyCB1XlH2o1fIcUZ7Qg&gpic=UID%3D00000cb124cfc69d%3AT%3D1698920508%3ART%3D1698920508%3AS%3DALNI_MZX3f70ipC2f1mVgxpqdCZOkP_5rQ&correlator=754028308899&frm=23&ife=1&pv=2&ga_vid=299927836.1698920509&ga_sid=1698920511&ga_hid=1620355915&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2818&biw=1600&bih=1200&isw=336&ish=280&ifk=3404299744&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079232%2C31079297%2C44805933%2C44807048%2C44807463%2C31078297%2C31079356%2C44803794&oid=2&pvsid=3372074091963421&tmod=862930451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i7qaoaedu8g9&btvi=1&fsb=1&dtd=752
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:89b4f5d6f970d9b
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:92ac8762d65322b
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
3175cde3d0f4452140400cda74adb5b0.safeframe.googlesyndication.com
515f898faed4b7df2087a16fe73bf4a2.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mox.tv
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
audiencedata.im-apps.net
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cookiesync.api.bliink.io
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.gssprt.jp
cs.yellowblue.io
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.c.appier.net
g2.gumgum.com
genieeintl-d.openx.net
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
live.primis.tech
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rr4---sn-1gieen7e.googlevideo.com
rt.gsspat.jp
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.fr3.eu.criteo.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
static.bg3.co
103.231.174.251
104.18.36.155
104.18.38.76
104.20.219.77
104.22.68.131
124.146.153.162
13.32.27.28
13.32.27.45
133.186.12.12
133.186.12.13
137.74.6.209
139.162.23.100
141.226.224.32
141.226.228.48
141.94.161.190
141.94.170.64
141.94.171.212
145.40.97.67
151.101.1.108
151.101.1.44
151.101.66.49
152.199.21.70
157.90.211.246
162.210.196.208
162.55.120.196
167.235.184.171
172.217.23.98
178.250.1.11
178.250.1.17
178.250.1.25
178.250.1.3
178.250.1.6
178.250.1.7
178.250.1.8
178.250.1.9
18.158.20.252
18.159.23.195
18.195.255.178
18.210.34.36
185.106.33.48
185.180.220.208
185.180.223.67
185.184.8.90
185.29.132.241
185.64.190.79
185.84.60.20
185.86.138.151
188.42.34.64
190.2.153.150
192.96.203.13
193.0.160.131
193.108.153.18
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.23.192.21
2001:4860:4802:32::36
208.93.169.131
209.54.182.161
212.8.243.37
213.155.156.165
216.52.2.16
216.52.2.48
222.230.178.130
222.230.178.32
23.32.184.192
23.60.204.187
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b900:adb4:94e5:4f5e:5116
2600:9000:2057:bc00:1f:4c18:bd40:93a1
2600:9000:2127:3600:6:44e3:f8c0:93a1
2600:9000:2251:2e00:1a:5235:f980:93a1
2602:803:c003:200::43
2606:4700:10::ac43:db6
2606:4700:20::ac43:47fe
2606:4700::6810:5514
2606:4700::6812:18ad
2607:f8b0:4006:81c::2003
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400a:8::9
2a02:2638:d::c
2a02:26f0:c6::210:6529
2a02:fa8:8806:16::1400
2a04:4e42:200::649
2a05:d018:d29:3605:3e4c:92f3:ccc6:dc3e
3.211.73.67
3.71.149.231
3.78.106.17
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.160.236.64
34.249.63.196
34.255.59.27
34.95.81.168
34.96.105.8
34.98.64.218
35.186.193.173
35.204.158.49
35.205.65.172
35.208.249.213
35.210.239.72
35.214.191.90
35.227.252.103
35.244.174.68
37.157.6.233
37.157.6.254
37.252.171.53
46.228.164.11
46.228.174.117
51.38.120.206
52.20.87.123
52.210.15.1
52.211.134.127
52.212.188.233
52.213.50.133
52.223.40.198
52.29.206.161
52.6.229.247
52.7.163.13
52.71.244.122
52.95.115.196
54.173.102.35
63.251.232.170
63.34.177.0
64.202.112.191
64.227.64.62
69.166.1.34
69.173.144.137
69.173.144.138
69.173.144.165
69.173.151.100
76.223.111.18
77.243.51.121
77.245.57.72
8.18.47.7
8.2.108.175
81.17.55.123
82.145.213.8
85.114.159.93
95.101.148.20
95.101.149.233
95.101.149.35
98.98.134.243
99.80.199.240
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
047b9efc511eeb39d7f27c02113422efb8cabbd580df881a4a93e25b7b24a705
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054f22e1b60b2dcfbae3950103b79391c61fd34578708a1213dedbf9ec0e2ff9
06a66363c25f5d4bc424e88806c4a20ff8ecbeda18b5df83fc93e6232076abee
075ba96218344d16eba626d3398e61be138b72c96d100cdc3bdf87b769f46531
078dcf115b21212e312fe3c048304d4bec25efc27952583f53f495b3a794425c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09786c41a3905cd2436a020cad81c09334bb3f2012b4da70012edc55f427592a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6a50b9cbac5c91708b0dcf9cae3c3165d2569040cec6d4cb6a111be6929bf0
0daacbec8b84ea75e745a5eb6f3556e1e9e0bd14566bd91e7f3c5a0a53c6c178
0fa8cc5864981df7c04184f215bb13c031ee928376bcc8b3406eaaf47180d23e
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1d91ff6fc15a9243de88237009b60ccd54246d958c88f55e151d0c412b08243b
1e4c238292b8af325dc7dc335d5b65377acfa14f2a8c432818bb8b6be64572bd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1effec8d1d6ccab9f5f3c34b2c9aab858e07c693e163331f1ff018b39ea656a8
1f9b7492fff9be4034ed0259dc4da496bd0ba203a89e7a9af9f56b1f9d9814df
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
22186fe088f107b1b9cf8df09648855ec0ff2a229562aa3ea2105074245f64e4
24af2e8d3f45b6fab6c93d682be5333c636ffe1419f128ca313141201d918180
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
272db526f3970acd9ca9f8f91863187395ad59b884e155d1b709ceadd09139b7
28a3320749440ee186044135d5f8df9d013ee44e3056ef87abc0edac2e80757d
29f22d0f57055a4afa29dff3f39af25b02b68c88138a4fb7a5ce01fa12a69c3e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7ed4e77c9ae0c81247f1868ff69ab63d0e7c9ada05cc79356d8f671cba3a0d
30250ceb5c467758fa9a69dc03bd46371d10d66f6b9607afc689230b9da01a4a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35021ec3b763ea04ac0a89c7a95f2eb58bfa0c2d2688c52c30fdf9b39bf59021
35a456356fd73efae3ec0974b70ed27735c023868fecf1d5c69b16a8934c3e45
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3728f0f2c0754ced2cf1511a58fdcab438b41c41184567f90aa804c1047ece8e
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c8c8908c576eed86b6180af71ae2d76a60e55e81b39f67f83c769ecdefd336f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db4999c8da51baa4c34ea00cb916667b6df1e51e06411681f90c35f440ee430
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe8e4bba11adea29539d056f9a89feaa6ef8246b5d7623d33f9fda6706b4930
408570f5d4408135969f64091e1743bcd1388541793b127b7e5854c31350c9b2
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
4321f0928c75dd3d02ad601f9399006b07a97e42ea5601e3baf69929c103b362
43260b3e830dc7e16eaf0554d00f15020357d9c13e553978034d878850cb763e
44040a3b5df73f75e3461309d429f7536053b0f512bd4691e2248b595e0050f4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
45a3ef1f71e7d6ac001a0f5cc25a5b2baf3886709af0c8e59dd3652325bb6110
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f3814580ed67b82400f08e6e77214c1ab59427a34f8a4180b2129f70c477ec
47937bc2ee4b210caec199a6f2a6e5da90f8da18ed4a88293434f0da1039e594
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4ad95379d595faee7a63f9159604939a91a8b672cc963fdb20d34e4eea87b836
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c04079e419d0cbfb51dce9be5377e38caeb2d0b3a849f4b6ea4c61bf69fb9fa
4c9a5f3005490dd4abb9221f32ea477f75f8f1cea796475943cfdb009800b2b1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bbe241a665de61a2a8f65551a1ace94d98484dcfd61c7b10eda934c7770ebc
552effdda2d28707a0fdb52be2b71537d322288cb013e5a06d2025137f8fd3ea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569589d1a800a51f7cf967fa16e067d8bf640f84ade0a3669c82a47409632867
595e14790d176a03c0bc4bd57675f4b49e538215b711dcbc8d475842e61312dd
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
62788ac511acb39dac6d822c145219994b9f0012c1574c611a535ff9704413b8
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
639a736f9bd3a65680f59b8a7ba30b91c18da0686c4637a98d94d1fcea862fe1
655fbbc09d823c9ca7c19c2f16e86dc2d80fa99df138bba77d4633ad00e097b7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
6a10026a5515532bc83d5cc40f634aaca4ee39b21ae46ab1edcfd12f8e90396d
6a438d45eb21e005b3d9f9d2218caa1694eb5e0a3dd1dcc4857c69799f110906
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d01485edc889f10ce5f17056301e09569f8e893bba2c306bde9f788119343cc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e9e55198296a8d4ccbacd8b95d4ec9fa03e13cea7ef3bc8c5873edd6c8e9be5
6ec6bb001d03a2a5cd58f057cbfd076f7c556e4eae33aba87296b6690479b685
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
736230b68637a100aa7b79381299d258c1d012c8fd2ce272a994f7d2870a379c
73e9e2e59e882650c46b24b4d970120661ab38b9452a6937c9f73c97cfde8682
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
7947fc706e3055b205951a22bef2655cde781df401c18942e49496a8f5647c3c
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a119654cb28db513c388b417aaff30ea6aea5003c1a3fffb8e633200ed30c69
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8462c90aad1fec8128f0a4dba76871fc0fbd6867ac775821ab08ecb91f9bd7b3
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8672e04e9c8ce5a7d318a5934c893ade0414142ca246ec1577bfefbb78338c89
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a665ec08f8c43226c8bfc18508d99d9ad6c0077edf85f6cb0ff2243b473c72c
8be39d4faeded8802a3cf504aa860d41b2cf5c1c40223879b0da41d32854f348
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d
9154ec697fc17060e3cc938d3d766f4116aaeed494137adf2badb6ad0cf37393
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96e67c98724154165af8ec287e144bda54e84ef2102cd3d122b80f769c7f41c3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9e2271614025c74ac9d2687681b7118f47c8d0e6cac657a61eebc6dd2dffd04a
9fe9e3305a188f2448dabc4b84bd912aef6b123bd39817a992d03d5a005bf9a9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a19b3a770a433295ec7c946e9a2d4d263489be69ebab4d54aafb13ecd9d337b4
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4b92eb8757c6154f1035b1796185353e6fe107b28fb561be855f68f3f7097e1
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a6d5c256ddcd644ace835157e76f8f4bd50f6a066739842d081cc3f289ec8936
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a98b7cf286df8a90047d57e609a44aa2b2afd526d0c159d172817392718beb38
aa4b5ef71883340d967b61fc5306164dd24a6ae92b3c3438834a39fea1b61b54
abc92794dd0332c044a0378e88291ec89c7b7ffa6875b66fcdcec15562b1c188
abe46eed5d8efd357c64530f0c42ff590be04b8288dccd5a0c5a68629fd29194
ac22cb6c35367aaa4f61f7e556432fd178dba644e07aaf21020ca86bf430ae3a
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
afe35b82edcc811190b69443a6b74152202b5b88cf2a554a91abc821fe1c4702
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ea2943fd4b504cac8a83778b97e03ef2be6aa863a8549bed8dcd55f83840dd
b1f092f6197eacc2363e809fd2dc07638f8a9859883130d144ca74903027b870
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b3a9de63e2b549859d74808cac442cb1f88228f79311857bbc69129232770115
b443b4a8812d806f605d1cd05d8a32344d62373ecb16f0bf259bdce3fa3966f4
b4a06fbae6c20c8202bb878e66ee6731378e9fa229f0541c87d98a7583b843ae
b5944725d92fa4d612abe0360e8bc3c7fd9880bb5f37d15e731f3d49be1cadb9
b5e3738508aaf0c8fea2bd8b9ce4d1b0ae76dec5b43eb0f75d69f83f4d9e3b14
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b8772a132b701c01463cd2da89c0f05adc6a0d45824ae699de2e9abc043dba71
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bbde607ee0e4a2381118b522f40cc9fa84a59909474c37c9b6622237e6877500
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c053e6b00b68319676e77fb4d0a5456a90bdec49848eb46a84f380aeb3ba3646
c131b7d7074657a3c6b3c78070b555c08c806b6aa112b5eb079adfedf01285db
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32f8c54528d1fd6592597f8e5355fafcead49ee585a387fe446eb6a898f7910
c5377c64a952ac53d3536592072a9b3de2d77b0722274d16bc7aeb875afdab10
ca790105e43062bca900ea8fa23a5e3b5c90b8de733830b6ea44ae2fdcd33eb5
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d213374d9ffac1293cd81335453a6a468d1b220fd336c22ebd0e6deb0c31fa48
d334c561616a392daba46850f9c65d76d9e13f118f524147c8f80325eaaeaf53
d52650c2466b3ad8cf49c0ef9ff4f33e4f1088915fe619b7bb1f96e6adad1038
d707e55d94215af78272a2ca328546a0416efe4763cd4643ca6f706ac8960846
d814714dfdb518b0e13c82074c7ba39581f53169afcc1424f88e25927f020adb
d8f3ba06e0975b14eaded12da39f999898c474bde8d98578b57f4b4ef6aa947c
d90e7f2e4dcad198793d039715136a18058b4707707385c6c123c508da5c9c68
dc0846f9c62f7dc8c09a38aa7588488b2bc89edd391c20c806f0bf23882ddc28
dc0ac5c02d0e36b47a973b030d8f75bd8f69eea3477cf6e5ce676b704fb12733
dc41a1391918f2147009204a59b35add8ca0ef53935bc8c6c43228826a845f6f
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
df2fb88411f13bab86aef52f75c74855c21e8d8d5e8069d0cf8d05a6367c92bc
df856f323a6216c78f870b31dc4ce726aaf3753e0eb4f5b56bf335f1558a97c9
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0f91b07e19b8eb7435d9194690aea26731eeb0228596c3867909261323ef275
e110a36c3a06771857df3aba5ae2d20a3d3e0c39bb2d68ba6eb10afeabb8e6c3
e21829c72e2ada8216248741b7f6e22ee5cdf20efe5a3827ce74833f22379831
e2a34e11ebf0ce5dc89f255eaba05379c048b35c2e259f719162caf48ba2fbdc
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7f82c6dfd3fe1bc4eef0b0facc251264f2193ac0233bdfb87cf9d75aba8e8a8
e91a25647d0ac40582377200ea42f12969ae4f73e8fb8d5ea15eb9d4169a54e6
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984
f4975544236bf4012c2aff64c2ddb31a370181bf4e54e5ee2143f73d065d351c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f783b70f3d30f78fb57bbfedb7ca08319af2796915696ff84b6a0707b4342d79
f794d935be5272120be5cc6c011be91b4fabe36c304a09db4c8fabeb820bc1a7
f7ff6b729555217f8a271e4daa5fa484db2858e9057fac5a1b8d91464dbf153e
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd67d3e5d24a816c6b68e8f0d2eff7d7e2090a9a7dd42973cd22856f9659e259
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e