urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Submission: On October 01 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 132 IPs in 17 countries across 125 domains to perform 578 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
6 152.199.21.70 15133 (EDGECAST)
45 151.101.129.44 54113 (FASTLY)
1 5 162.210.196.208 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2400:52e0:1e0... 200325 (BUNNYCDN)
4 2001:4860:480... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 5 2a02:2638:d::d 44788 (ASN-CRITE...)
8 23.97.225.52 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
3 5 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
10 15 185.89.210.212 29990 (ASN-APPNEX)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
19 34.250.19.175 16509 (AMAZON-02)
1 18.193.11.140 16509 (AMAZON-02)
10 104.22.69.131 13335 (CLOUDFLAR...)
1 3.123.45.150 16509 (AMAZON-02)
2 9 104.18.26.193 13335 (CLOUDFLAR...)
2 4 145.40.97.67 54825 (PACKET)
1 185.255.84.150 200271 (IGUANE-)
3 35.227.252.103 15169 (GOOGLE)
1 5 51.89.9.253 16276 (OVH)
5 184.30.21.51 16625 (AKAMAI-AS)
1 2600:9000:243... 16509 (AMAZON-02)
1 139.144.5.218 63949 (AKAMAI-LI...)
37 2a00:1450:400... 15169 (GOOGLE)
3 151.101.65.44 54113 (FASTLY)
16 185.106.33.48 200478 (TABOOLA-AS)
21 2a00:1450:400... 15169 (GOOGLE)
3 3 23.212.211.47 16625 (AKAMAI-AS)
10 184.30.22.30 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 9 69.173.144.138 26667 (RUBICONPR...)
5 141.226.228.48 200478 (TABOOLA-AS)
1 18.66.97.120 16509 (AMAZON-02)
13 3.33.220.150 16509 (AMAZON-02)
4 9 2a05:d018:d29... 16509 (AMAZON-02)
5 6 3.127.97.70 16509 (AMAZON-02)
4 5 3.75.62.37 16509 (AMAZON-02)
2 2600:1f18:24e... 14618 (AMAZON-AES)
7 10 69.173.144.139 26667 (RUBICONPR...)
2 51.77.64.70 16276 (OVH)
16 37 142.250.186.66 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 5 67.220.228.201 16509 (AMAZON-02)
2 5 52.46.128.147 16509 (AMAZON-02)
8 8 52.50.109.207 16509 (AMAZON-02)
1 2600:9000:243... 16509 (AMAZON-02)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 10 104.18.27.193 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 23.212.89.35 16625 (AKAMAI-AS)
4 9 104.102.35.84 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 54.78.254.47 16509 (AMAZON-02)
1 2 2.23.197.190 16625 (AKAMAI-AS)
2 4 35.244.174.68 15169 (GOOGLE)
1 54.154.110.236 16509 (AMAZON-02)
1 52.215.100.89 16509 (AMAZON-02)
1 34.253.57.114 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
2 78.46.23.46 24940 (HETZNER-AS)
3 37.157.6.243 198622 (ADFORM)
1 5 138.201.220.30 24940 (HETZNER-AS)
2 37.157.6.236 198622 (ADFORM)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:400... 15169 (GOOGLE)
12 2400:52e0:1e0... 200325 (BUNNYCDN)
5 10 35.244.159.8 15169 (GOOGLE)
1 142.250.185.102 15169 (GOOGLE)
2 88.99.65.215 24940 (HETZNER-AS)
6 6 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
3 3 54.171.66.116 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 141.95.98.64 16276 (OVH)
3 138.201.84.244 24940 (HETZNER-AS)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
2 5 216.52.2.39 32475 (SINGLEHOP...)
3 4 13.248.245.213 16509 (AMAZON-02)
2 3 23.212.88.20 16625 (AKAMAI-AS)
4 4 193.0.160.131 54312 (ROCKETFUEL)
1 178.250.1.11 44788 (ASN-CRITE...)
1 65.9.95.105 16509 (AMAZON-02)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 151.101.65.108 54113 (FASTLY)
1 95.101.148.20 16625 (AKAMAI-AS)
5 7 37.157.3.20 198622 (ADFORM)
1 63.35.206.11 16509 (AMAZON-02)
3 7 185.86.139.102 201081 (SMARTADSE...)
3 23.35.236.201 16625 (AKAMAI-AS)
9 2600:9000:213... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 3.82.132.167 14618 (AMAZON-AES)
1 2 216.52.2.16 32475 (SINGLEHOP...)
8 9 46.228.174.117 56396 (AMOBEE)
4 4 2001:678:cb4:... 56396 (AMOBEE)
1 1 69.166.1.34 27630 (AS-XFERNET)
2 2 3.220.73.209 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
3 18.197.134.14 16509 (AMAZON-02)
1 1 8.2.110.24 46636 (NATCOWEB)
4 5 151.101.130.49 54113 (FASTLY)
3 3 98.98.134.242 21859 (ZEN-ECN)
5 6 54.77.142.1 16509 (AMAZON-02)
2 2 52.45.97.130 14618 (AMAZON-AES)
2 2 13.225.78.123 16509 (AMAZON-02)
2 3 2.19.126.143 20940 (AKAMAI-ASN1)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 34.160.19.107 15169 (GOOGLE)
1 34.198.233.93 14618 (AMAZON-AES)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
3 4 138.201.8.249 24940 (HETZNER-AS)
3 185.64.190.78 62713 (AS-PUBMATIC)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 16 34.247.205.196 16509 (AMAZON-02)
2 3 64.202.112.223 22075 (AS-OUTBRAIN)
2 2 52.45.228.151 14618 (AMAZON-AES)
1 1 52.0.248.85 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 70.42.32.31 13789 (INTERNAP-...)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 54.72.115.16 16509 (AMAZON-02)
1 1 211.120.53.203 4694 (IDCF IDC ...)
1 80.77.87.166 46636 (NATCOWEB)
2 2 188.42.196.115 7979 (SERVERS-COM)
6 10 185.64.190.79 62713 (AS-PUBMATIC)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
7 24 185.64.191.210 62713 (AS-PUBMATIC)
1 1 185.255.84.152 200271 (IGUANE-)
2 2 8.2.110.114 46636 (NATCOWEB)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 3.126.162.124 16509 (AMAZON-02)
1 1 35.214.130.201 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 173.231.181.122 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 34.102.163.6 396982 (GOOGLE-CL...)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.202.131.94 14618 (AMAZON-AES)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 1 37.157.6.233 198622 (ADFORM)
2 2404:6800:400... 15169 (GOOGLE)
1 34.249.177.138 16509 (AMAZON-02)
1 198.47.127.20 62713 (AS-PUBMATIC)
2 2 141.95.171.141 ()
4 4 141.94.171.212 ()
2 23.88.86.2 ()
2 2606:4700:10:... ()
2 4 77.243.51.122 ()
578 132
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
10    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
6    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
45    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
5    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
12    2400:52e0:1e00::1049:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
5    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
45f24457e91ebafed2a4bebb122fd0bc.safeframe.googlesyndication.com
5    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
15    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
19    34.250.19.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    18.193.11.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-11-140.eu-central-1.compute.amazonaws.com
tlx.3lift.com
10    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    3.123.45.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-45-150.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
9    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
r.casalemedia.com
4    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
5    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
1    2600:9000:2437:5400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    139.144.5.218 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-144-5-218.ip.linodeusercontent.com
socket.unibots.in
37    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
21    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pubads.g.doubleclick.net
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
1    18.66.97.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-120.fra56.r.cloudfront.net
cdn.socket.io
13    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    2a05:d018:d29:3601:970f:dde0:5c57:1e8b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    3.127.97.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-97-70.eu-central-1.compute.amazonaws.com
x.bidswitch.net
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2600:1f18:24e6:b900:1f91:c35:2fc1:60fb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
37    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    52.50.109.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-109-207.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2600:9000:2437:5200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
10    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
10    23.212.89.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-35.deploy.static.akamaitechnologies.com
t.teads.tv
9    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    54.154.110.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-110-236.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    52.215.100.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    34.253.57.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-57-114.eu-west-1.compute.amazonaws.com
sync.springserve.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
2    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
3    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
5    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
2    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)
unibots.b-cdn.net
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    2400:52e0:1e00::860:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
adpushup-d.openx.net
eu-u.openx.net
u.openx.net
1    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
2    88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de
cdn.contentspread.net
6    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    2600:1f18:612b:4264:e516:de95:b7c5:dc6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
google.partners.tremorhub.com
3    54.171.66.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-66-116.eu-west-1.compute.amazonaws.com
match.360yield.com
ad.360yield.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
3    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
c21lg-d.media.net
4    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    65.9.95.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-105.prg50.r.cloudfront.net
public.servenobid.com
2    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
7    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    63.35.206.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-206-11.eu-west-1.compute.amazonaws.com
g2.gumgum.com
7    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    2600:9000:2131:3000:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    3.82.132.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-132-167.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
9    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    3.220.73.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-73-209.compute-1.amazonaws.com
ssp.disqus.com
1    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    18.197.134.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
6    54.77.142.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-142-1.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    52.45.97.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-97-130.compute-1.amazonaws.com
i.liadm.com
2    13.225.78.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-123.fra2.r.cloudfront.net
live.rezync.com
3    2.19.126.143 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-143.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    34.198.233.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-233-93.compute-1.amazonaws.com
rtb.adentifi.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
4    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
16    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
3    64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    52.45.228.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-228-151.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.0.248.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-248-85.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    54.72.115.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    211.120.53.203 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
10    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
24    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    3.126.162.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-162-124.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    35.214.130.201 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 201.130.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    173.231.181.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.202.131.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-131-94.compute-1.amazonaws.com
a.audrte.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2404:6800:4004:828::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    34.249.177.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    141.95.171.141 (None, )

ASN- ()
green.erne.co
4    141.94.171.212 (None, )

ASN- ()
pixel-eu.onaudience.com
2    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
2    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
4    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
Apex Domain
Subdomains		 Transfer
69 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
trc.taboola.com — Cisco Umbrella Rank: 907
vidstat.taboola.com — Cisco Umbrella Rank: 3587
il-trc-events.taboola.com — Cisco Umbrella Rank: 16209
images.taboola.com — Cisco Umbrella Rank: 1957
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-match.taboola.com — Cisco Umbrella Rank: 13197
wf.taboola.com — Cisco Umbrella Rank: 3685
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
vidstatb.taboola.com — Cisco Umbrella Rank: 9042
sync.taboola.com — Cisco Umbrella Rank: 1624
am-wf.taboola.com Failed
2 MB
62 googlesyndication.com
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
45f24457e91ebafed2a4bebb122fd0bc.safeframe.googlesyndication.com
524 KB
57 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
ad.doubleclick.net — Cisco Umbrella Rank: 180
pubads.g.doubleclick.net — Cisco Umbrella Rank: 359
453 KB
42 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
image8.pubmatic.com — Cisco Umbrella Rank: 1061
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
image4.pubmatic.com — Cisco Umbrella Rank: 1978
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
44 KB
35 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1711
75 KB
24 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
t.teads.tv — Cisco Umbrella Rank: 3226
sync.teads.tv — Cisco Umbrella Rank: 2022
167 KB
24 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 27342
stream.unibotscdn.com — Cisco Umbrella Rank: 37345
4 MB
20 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3520
public.servenobid.com — Cisco Umbrella Rank: 7575
11 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
r.casalemedia.com — Cisco Umbrella Rank: 2435
26 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2247
usersync.gumgum.com — Cisco Umbrella Rank: 2735
rtb.gumgum.com — Cisco Umbrella Rank: 2264
6 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
acdn.adnxs.com — Cisco Umbrella Rank: 960
28 KB
14 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
6 KB
13 adform.net
track.adform.net — Cisco Umbrella Rank: 3716
s1.adform.net — Cisco Umbrella Rank: 7684
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
cm.adform.net — Cisco Umbrella Rank: 1654
42 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
13 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
us-u.openx.net — Cisco Umbrella Rank: 863
adpushup-d.openx.net — Cisco Umbrella Rank: 32309
eu-u.openx.net — Cisco Umbrella Rank: 3562
u.openx.net — Cisco Umbrella Rank: 1024
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18087
e3.adpushup.com — Cisco Umbrella Rank: 19655
283 KB
10 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 35069
hal900016.redintelligence.net — Cisco Umbrella Rank: 157177
hal900026.redintelligence.net — Cisco Umbrella Rank: 225954
18 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
8 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
17 KB
9 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 7534
5 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
mug.criteo.com — Cisco Umbrella Rank: 1822
9 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
4 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
4 KB
7 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
3 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
ce.lijit.com — Cisco Umbrella Rank: 1486
3 KB
7 gstatic.com
www.gstatic.com
csi.gstatic.com
74 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
2 KB
6 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
3 KB
6 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
1 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 11
2 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
359 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
3 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
2 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
cs.media.net — Cisco Umbrella Rank: 2422
contextual.media.net — Cisco Umbrella Rank: 1062
hbx.media.net — Cisco Umbrella Rank: 1959
c21lg-d.media.net — Cisco Umbrella Rank: 3883
11 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
cms.quantserve.com — Cisco Umbrella Rank: 1260
11 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 35724
sync.aralego.com — Cisco Umbrella Rank: 4312
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 onaudience.com
pixel-eu.onaudience.com
pixel.onaudience.com Failed
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2941
1 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
2 KB
4 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 4633
p.rfihub.com — Cisco Umbrella Rank: 1417
4 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 719
817 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
228 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
436 B
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
339 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
360 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
89 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
2 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1259
1005 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
1 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
69 B
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3472
ad.360yield.com — Cisco Umbrella Rank: 1002
1009 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16071
41 KB
2 zeotap.com
mwzeom.zeotap.com
673 B
2 truffle.bid
matching.truffle.bid
2 erne.co
green.erne.co
824 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
498 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
562 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1698
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
1011 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4144
992 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
680 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 906
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
3 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2356
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 1067
1 KB
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 4973
cs.admanmedia.com — Cisco Umbrella Rank: 1518
366 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2272
928 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
842 B
2 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3579
cs.yellowblue.io — Cisco Umbrella Rank: 4325
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
60 KB
2 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 84565
89 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1088
stags.bluekai.com — Cisco Umbrella Rank: 984
965 B
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6135
546 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10583
505 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
visitor.omnitagjs.com — Cisco Umbrella Rank: 1162
808 B
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19210
c.statcounter.com — Cisco Umbrella Rank: 12701
15 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
278 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 5404
482 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
552 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
225 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1516
834 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1610
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
465 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2779
424 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1944
285 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2674
366 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2443
523 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
623 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2785
160 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 687
1 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2496
709 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 27714
633 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10895
287 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 39054
1 KB
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 7313
145 KB
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 4882
206 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1035
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 936
500 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2754
324 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
550 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
501 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
648 B
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 44737
13 KB
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 75443
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
634 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
30 KB
1 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 33779
10 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 selfcampaign.com Failed
delivery.selfcampaign.com Failed
578 125
Domain Requested by
37 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
sync.teads.tv
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
adpushup-d.openx.net
g2.gumgum.com
37 pagead2.googlesyndication.com securepubads.g.doubleclick.net
ads.aralego.com
pagead2.googlesyndication.com
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
www.googletagservices.com
24 images.taboola.com
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bg3.co
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
pagead2.googlesyndication.com
19 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
16 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
16 il-trc-events.taboola.com
14 simage2.pubmatic.com 4 redirects ads.pubmatic.com
13 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
sync.teads.tv
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 stream.unibotscdn.com vjs.zencdn.net
12 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
11 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 image2.pubmatic.com 3 redirects ads.pubmatic.com
10 image8.pubmatic.com 6 redirects cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
10 t.teads.tv www.bg3.co
10 pixel.rubiconproject.com 7 redirects
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
am-match.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
10 ib.adnxs.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
www.googletagservices.com
9 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
9 sync.teads.tv 4 redirects a.teads.tv
sync.teads.tv
googleads.g.doubleclick.net
9 pr-bh.ybp.yahoo.com 4 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 match.prod.bidr.io 8 redirects
8 e3.adpushup.com www.bg3.co
7 sync.1rx.io 7 redirects
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
7 us-u.openx.net 4 redirects googleads.g.doubleclick.net
adpushup-d.openx.net
6 sync.crwdcntrl.net 5 redirects ads.pubmatic.com
6 c1.adform.net 4 redirects ads.pubmatic.com
6 x.bidswitch.net 5 redirects imprammp.taboola.com
5 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 ap.lijit.com 2 redirects public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
5 secure.adnxs.com 5 redirects
5 hal900016.redintelligence.net 1 redirects 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
hal900016.redintelligence.net
5 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
ssbsync.smartadserver.com
5 aax-eu.amazon-adsystem.com 2 redirects adpushup-d.openx.net
ads.pubmatic.com
5 ups.analytics.yahoo.com 4 redirects am-match.taboola.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 www.google.com tpc.googlesyndication.com
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 www.gstatic.com www.bg3.co
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 a.teads.tv cdn.adpushup.com
a.teads.tv
www.bg3.co
5 onetag-sys.com 1 redirects cdn.adpushup.com
public.servenobid.com
csync.smilewanted.com
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 uipglob.semasio.net 2 redirects public.servenobid.com
ads.pubmatic.com
4 pixel-eu.onaudience.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 ad.turn.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
4 eb2.3lift.com 3 redirects cdn.adpushup.com
4 dclk-match.dotomi.com 4 redirects
4 idsync.rlcdn.com 2 redirects sync.teads.tv
ssum-sec.casalemedia.com
4 www.googletagservices.com www.bg3.co
securepubads.g.doubleclick.net
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 prebid.a-mo.net 2 redirects cdn.adpushup.com
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 image6.pubmatic.com ads.pubmatic.com
3 creativecdn.com 3 redirects
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 pixel-sync.sitescout.com 3 redirects
3 match.sharethrough.com public.servenobid.com
cs-server-s2s.yellowblue.io
csync.smilewanted.com
3 p.rfihub.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 hal900026.redintelligence.net hal9000.redintelligence.net
hal900026.redintelligence.net
3 track.adform.net srcdoc
s1.adform.net
3 pixel.tapad.com 2 redirects
3 fonts.googleapis.com 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
www.bg3.co
cdn.taboola.com
3 secure-assets.rubiconproject.com 3 redirects
3 sync.aralego.com ads.aralego.com
3 rtb.openx.net cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 mwzeom.zeotap.com public.servenobid.com
ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 green.erne.co 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 pubmatic-match.dotomi.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 us.ck-ie.com 2 redirects
2 ads.playground.xyz 2 redirects
2 ads.betweendigital.com 2 redirects
2 bh.contextweb.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 ssp.disqus.com 2 redirects
2 sync.targeting.unrulymedia.com 1 redirects csync.smilewanted.com
2 ce.lijit.com 1 redirects public.servenobid.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 match.360yield.com 2 redirects
2 cdn.contentspread.net hal900016.redintelligence.net
hal900026.redintelligence.net
2 s1.adform.net track.adform.net
s1.adform.net
2 hal9000.redintelligence.net 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 dis.criteo.com 2 redirects
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 pro.ip-api.com cdn.unibotscdn.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 am-vid-events.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 trc.taboola.com cdn.taboola.com
2 ads.aralego.com 1 redirects ads.aralego.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 cm.adform.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ad.mrtnsvr.com ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 u.openx.net 1 redirects
1 c21lg-d.media.net contextual.media.net
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 ad.360yield.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 s.company-target.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 sync.admanmedia.com 1 redirects
1 hbx.media.net 1 redirects
1 sync.technoratimedia.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 static.smilewanted.com csync.smilewanted.com
1 eu-u.openx.net adpushup-d.openx.net
1 contextual.media.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 mug.criteo.com
1 a.rfihub.com 1 redirects
1 cs.media.net 1 redirects
1 id5-sync.com
1 sync.inmobi.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 ad.doubleclick.net pagead2.googlesyndication.com
1 s0.2mdn.net imasdk.googleapis.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 sync.taboola.com am-match.taboola.com
1 vidstatb.taboola.com
1 sync.springserve.com sync.teads.tv
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 partner.googleadservices.com pagead2.googlesyndication.com
1 live.primis.tech
1 px.ads.linkedin.com
1 45f24457e91ebafed2a4bebb122fd0bc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.socket.io cdn.unibotscdn.com
1 imprammp.taboola.com vidstat.taboola.com
1 pixel.quantserve.com www.bg3.co
1 socket.unibots.in cdn.unibotscdn.com
1 rules.quantcount.com secure.quantserve.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 code.jquery.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 delivery.adrecover.com www.bg3.co
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 pixel.onaudience.com Failed public.servenobid.com
0 am-wf.taboola.com Failed vidstat.taboola.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 delivery.selfcampaign.com Failed www.bg3.co
0 static.bg3.co Failed www.bg3.co
578 209
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
socket.unibots.in
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cdn.socket.io
Amazon RSA 2048 M01		 2023-02-22 -
2023-12-20		 10 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
contentspread.net
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
ad.mrtnsvr.com
GTS CA 1D4		 2023-09-06 -
2023-12-05		 3 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 111 frames:

Primary Page: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Frame ID: DD7739500EADFB146EA7C2A3E031D190
Requests: 210 HTTP requests in this frame

Frame: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EFE50C758325A2A5B14F98D8DA8E3DB4
Requests: 1 HTTP requests in this frame

Frame: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5EC96EE312581B7E2992C53A672D888
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 304D5B1870B8A89935AB98AC3C4726B2
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 37DBEAB044ABD37F8D566F5BE4D79042
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 86DE8EA9CF104FFAFDB79B7BB6F81259
Requests: 16 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019
Frame ID: B75011043595BBB7B1DB54403C6EB67A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D59AC4490DCC211E43DB8C06074F2BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A65D3598319E83358CCBE064A778B8A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Frame ID: 090F3224A4E96A829DCC3AB09A47969C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: 1D01BE355CEF6A92D3F77B943DCDEBDB
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&cmcv=&pix=undefined&cb=1696154058140&uv=145276594&tms=1696154058140&abt=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vD!ul145276-594_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c3c1a98b-4cc2-402a-89fc-77a4bdb054f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: CEECB1AED896272BBA5ECA123C59732D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 3F7083FF3B9C696927F279EBEDE77C39
Requests: 4 HTTP requests in this frame

Frame: https://45f24457e91ebafed2a4bebb122fd0bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D1CB104037EC8ED48B3D661D972D968D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-nlNGk7SY-AllAccAXOs2oIm7r9T60rlflUn1tpWNgppwSq4BrhEr74MrOenwe42m2OepZnh3KP1ZoMe5rjMhe8XpUaiOFrvQ9zD84Ab47T2q6dy9BOFh8EeDtJOyEyPecYxAgcHJVoCNvhXgxtHmvJAUVoFNaLglsCbn7KR8zr67Yk9bV1EvEDTfQWqKnvNGMVpHPFKqcMAhZ4YRpU676iwhM3nwkKFk2l6r8ChlLQqMJ3lzBoZjxklLirDE9KAkiXbxeaXJYIl2kluI-FJATV3pHsvUzJ9inVT4D1EVigR740EnjBvmKE1g7N6saiN6&sai=AMfl-YTdV8kUTU8-80eArXvCRYZ47LjI8k-2zrCICuUmQS57sU1_8fjkMlWI8IIDSmtniVto6nPd2Ig6dTJpViUiLKVaEAm2pArSyJzVgHpuDAWJH3AsH4z6aIwdcIym8Cc&sig=Cg0ArKJSzP9bO4E7iADsEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D75A35863C243FFC8FC8930ECAE15EF5
Requests: 17 HTTP requests in this frame

Frame: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 327F55A99EA90A31B28A511040DDDC88
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNXW62z244arIdoyN___dRMEjV7w4cdlNy4_9iwr2M5IWecYanmsXXil9KYc1BgwFtR7d7fHnWM7mlakkSjijovMTDI_FQ
Frame ID: 986DDD719C68B494AFDB0DFE2CAD696A
Requests: 4 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Frame ID: EA4AED6DA897D6037FD5E27E9B13C028
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 689A16C937FF2E10DAE4B3F09D42C211
Requests: 1 HTTP requests in this frame

Frame: https://a.teads.tv/media/vpaid-display/teads-vpaid-display.js
Frame ID: 74E4D390E537088279AF59A5304EA77B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Frame ID: E97D82771607D0E888B3F7DF610FADCE
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37039A53181AA2A1774BEBCAAD341723
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA152B89796D55C5EEB61C1A3DE5BBB8
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 1616A76A0BF6C151D209061DB6012575
Requests: 3 HTTP requests in this frame

Frame: https://a.teads.tv/media/vpaid-display/iframe.html
Frame ID: B95E632913253EE4A44760B8380EA0F9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 5942D6595620B8B91EDB3385EA0616EA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E71BC05FB5AD09772B181BDEC3C72E16
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=67069920;rtbwp=0.4191159500911482;rtbdata=E5ZlSUrKlKHT2xYXG9D3b8RMskB2II_uc2jwI1byolN4oWUbtf_-WjLDMno1liEsDqxZ2E3Sb-Q1FP0GmcCU1QlUvwc7CW8YA7UcDHMZnsJe-dAVBVdsn9YiZzYDuyCFFO1l_pjOZrn-EQeyyqXEZdSVOA_B8Axcj0WlQe7we6tjs3LzooiWlsjkmeuvDk_z35dIM8eIycs9vOML8hV6r1hDaPZO9P1D0jesbhDnL-D3w552AYTcqu3zRB9Ai-sx5rwfzSer8kUJdWzoMZtA0lBUv1D10pPvvZnp-y3onUBhzpYDQ_9Zu-aNs9b9BYX5KrYRtHxOgyd0s_TzDPdVaNKJJXLqes_NNGoPJFNQ22ZxilprU64grYy1RPG7jVjTtF4_zKTq8cFwcXYCCQ9E_7VynVR1_-KDXCTefcmXM7F5NfAgO5jjxUHhIpkoas3H0
Frame ID: 8C6F66B362AE166992B415E7B3828FEA
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: D3DC4813DAABAE5FF7069055F0D57763
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C12B0EC6CF657536C49B4CBA8DD8DF91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWOzknI9ksbvShFAo8kzTzZJwzYTSso7ouhIgvKTS7PzLYn1_ovo_upKYvpG83YFaRuAI-AGqVjhz_4YMgsEqb9r1ODrA
Frame ID: FEEADD3E4F8B54638E582DB0660C0639
Requests: 5 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=42971800037452204438446012464016&a=0c3b7079
Frame ID: 9B9DB15E3A4824C2B58AA0FD4D0B4C76
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0EDBEF41DB825A87D85E1D22253307B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 62209314851D479D793615287D431A5F
Requests: 3 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=82412900038822104438458012464026&a=9bf994d6
Frame ID: 180A11376A8956849F49CF3AB89B9801
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD36A593847D28249376BA8AF8BFA18F
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: BF9B58F0E10228A9F53EDF45CFA4E20F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A936C861987093A1D72C1BFCCF9C5D2B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA7DF0DB2B43169DC0AE8200898794C9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9C367DC8756A71F38038981ED6E2BE0B
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 292DDB6E0DB3C3D3F2E7AAE0FC2C8F19
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696154057361
Frame ID: F02A3089D34F45D3046334BB3BF2B133
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: FC033B4FE6D30850269D3A812E00D57F
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: F55A734AB41CD301123ACC0F5F957F80
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: CE319A380ECF088C936C80BF035E763B
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8F555700A362EA1154777BF05AA1AC57
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 76DA2BF02F2E0C0B6AF81BB2C29388D3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8BBE5A65998D0FFB9D6B9DACF6D5547B
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 6C5FE0AA1A5CB083D102029CCC9761F0
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 596578287F8BFFEBEABB880744151D80
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: C437131A38CE88DBB0241FD1E3FDE0E6
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CFDC5AC6B502CD989117A6CE9237BE53
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: A37CDE3B2ACC4532A2E2B5FF062DA584
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 14AE1AEBE2E2A42C5246DA8864FDA529
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 820740F108DD83E256B898D28AE92E79
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 66E9B1C7E9EE9D4CB8CDBFCC8AF9ED73
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: CBFD6D4F4C64442B9C2428025426A45D
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 74FDE977FE0F8EDB978D3AECD98E9764
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: B7829D7878602A32CF81581E22918008
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 4F30B819EFD7FD930035FFFFE378D279
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: FFA67091937EF6F4FE86E1DF6306F60D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 10FCB4C8A758691C17B81BC364E4F087
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7839568542138889334&gdpr=0&gdpr_consent=
Frame ID: 21B142D5CA1086D5B5F41EBAE9EF162F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5103897635273492050&gdpr=0&gdpr_consent=
Frame ID: 42AB7C18873997768EF1992BE1F93AE4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZRlBzQAUi8ogdAAb&gdpr=0&gdpr_consent=&_test=ZRlBzQAUi8ogdAAb
Frame ID: 0B729E7EBAC2FA646766F5EC6223612B
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lMjlhYjEzMy1mOTczLTQ5NzktOGQ3OC04NjNiMTMyZTU3OTY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 379CE63249EDAA6B91CF6D1584D447AF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 184D4542146CA42B5F3AD81F8673815A
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 6617570E9CAB4C8AB4EA0C4C4EB6F10F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZRlBzcCo5tEAAFB4Lm0AAAAA
Frame ID: 79E2FFD7F9959155E33E55ABFC9B6C7E
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_e29ab133-f973-4979-8d78-863b132e5796&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: F06C3FD8C1B8C8CE6BEA559E56B99709
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=v7gPyH3Westtr2R5pbhQ&pi=gumgum
Frame ID: FC313043D8AF929CA57BBC2ECB13D0AA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0D9B7C45CB37C465B3527C214705BC82
Requests: 4 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
Frame ID: 193D0E3620536EB2ECB65E139CF68A5E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/4bc18ecf-028c-5212-8271-5027e76811ea
Frame ID: 5EF107C8CF10877C7B552C6B11E11C0D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ce6f8cf02ffae71f1b53ed9bd02c49c20dfbbfcfc16927d7a7b64dc3881a58d1
Frame ID: E13FA2AB18D42B5271947B8F84D93ECB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 31F6E52CB6D637E9FC4B8D30B01CB84D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F714E430-EB22-41F3-8594-D44E33ED515D&redir=true&gdpr=0&gdpr_consent=
Frame ID: 213B3283EC2B5C95BD15818434A11E67
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839568542138889334&gdpr=0&gdpr_consent=
Frame ID: 7A87D3F8167B4B8FE9200C482BD33A5E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ
Frame ID: 6B404AB2C5B99CEF356190FC06F37B22
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284926220982155403&gdpr=0&gdpr_consent=
Frame ID: D4C2B63372276919BB55404ED7FD9294
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 41B18B7A1D593898D22A44AB67E17195
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 7ED9D83AA54D9244D11C231697A1340C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: B4F74D3D80F953766123713A792DA613
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 8813AF539A172523405D53B4C6CA817E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 785F43F51872BFFF6FE8F83F6647797B
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Frame ID: 980436C8D18D5161AD12847C130E77EE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E9C858F16917D1C7FD24F85B09E21773
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F2AF59B7B4760653E557EBCB36136945
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=295805934120602370
Frame ID: 5DE1D0ABF5595D4746037479F512BA88
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Frame ID: D6BAA54E35646AE865C97427C4F31B77
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 5621E963B8CD3BE6F5D5B72888FC2334
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 059D0EB3CF1E2FE5982060BA0374CEC9
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5A043A145B57F8ED8E0838E3C370864F
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 38CE9B20AB4321BA2E45742273866641
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=F714E430-EB22-41F3-8594-D44E33ED515D
Frame ID: 573EAFDF587C3BCFBD2F1897E5D06311
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/5103897635273492050
Frame ID: F37A98519C021FB11BC2ADE535B0F68D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/56f5c1f5bf51abfddb1d108886a19b3d?gdpr_consent=&gdpr=0
Frame ID: B8BAF361A888A3C633864B39C107F2B4
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 136C1699F97CAFAD7056D590966587DD
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/60446b6462021c733a54cc63ead0270046f117c95deb81692c5c7102108b27c2
Frame ID: AFA1CAE87C38737A9406B60C504F51E5
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
Frame ID: E1B581DC1B8E5E82BD18AF0CFE0F176D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTUQQjanTTaQXMV&gdpr=0&gdpr_consent=
Frame ID: 8A534F46C1896F90AC8114A4275D84EA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 6733AC81619E506528F42D4046684469
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
Frame ID: 2BE17A92AFA5DCCE4693353FC0F24B79
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5758106341
Frame ID: BE280A6CCD29AD58627A8BA6958B58C5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=F714E430-EB22-41F3-8594-D44E33ED515D
Frame ID: DB8834D5E113803B44E1F6662AD17BC6
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
Frame ID: A67485ECCAE6108A63CC4EC895CFE70A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSMRhjYaRRVgnMnUQ&gdpr=0&gdpr_consent=
Frame ID: 43CE78A68B04AFB50BA26E7DF1CDFB67
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E61AA53EDC195DA0EB7A9B22AE2904AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
Frame ID: 94C3AC0B071971F8E07F9623A5C746E5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4912066749
Frame ID: C913C90BECC8AE76AEE47B5BFCE172FA
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=F714E430-EB22-41F3-8594-D44E33ED515D
Frame ID: 8FABF9F0A23CB258028AE5F692AB0752
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

奧斯卡/94憑這幕!《淑女鳥》毒舌媽一鏡到底爆催淚 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

578
Requests

75 %
HTTPS

24 %
IPv6

125
Domains

209
Subdomains

132
IPs

17
Countries

8733 kB
Transfer

18667 kB
Size

186
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 121
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 192
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LN7ABYR9-12-I51O HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN7ABYR9-12-I51O
Request Chain 208
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE43QUJZUjktMTItSTUxTw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED-3NiDq4DZHACJXkH8U-tM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE43QUJZUjktMTItSTUxTw==&google_push=
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFtsyec_AmfaghoJ_KPc7yA&google_cver=1
Request Chain 210
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDA1OGIyZjhmMTU5NTBkMDVmMjdhMzc3YTI2MmUwZTEzYzk5MWQ1NQ
Request Chain 211
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mUiNykrfuJXmuFK2wjyYNsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-erlUSK1E2oJV_xFyJf6tprK_rVL3_pcHArhbKw--~A
Request Chain 212
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN7ABYR9-12-I51O
Request Chain 213
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jT_SVuZTR_2jlOVZIJY0Ug&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jT_SVuZTR_2jlOVZIJY0Ug
Request Chain 214
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7WrC0FpnRZun11hUcMEsWg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7WrC0FpnRZun11hUcMEsWg
Request Chain 216
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACLek7KMoQAABkYTfiLDg&expires=30
Request Chain 217
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LN7ABYR9-12-I51O
Request Chain 218
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN7ABYR9-12-I51O
Request Chain 219
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN7ABYR9-12-I51O HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN7ABYR9-12-I51O
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1
Request Chain 222
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRlBytX2FjzeDy.4kC0mEAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1&google_hm=2
Request Chain 253
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1696154058658 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk
Request Chain 255
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1696154058658 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=90113fd7-70ee-4296-b7f1-83ab611747c1&gdpr=0&gdpr_consent=
Request Chain 256
  • https://pr-bh.ybp.yahoo.com/sync/teads/0b6457e5-3d55-41a3-8fa6-4bac9c59608d?gdpr=0&gdpr_consent=&_t=1696154058658 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-6_NorPlE2oSsqe_IhtUeBHyYKYEmeDvpRrI-~A
Request Chain 262
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&_t=1696154058658 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d
Request Chain 263
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1696154058658 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 267
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qd1ABeZE2oS0AY0lgKfqRiUwimgl8A81aGUh.g--~A
Request Chain 282
  • https://hal900016.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=fdc36c03fb&subid=&uid=23a700868a0d2a65&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnnUByUEZZYj_O-zb7_UP6diD8ASRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEnwJP0Ge_W0lF2_sTO62Y--0NNeTCxyS8qRNALj7eSmJ3SHh4wenIR8XsRAU2SgN3RtLNJ413SDXFF3bvKEWUWURJH1ip-d3v4FmE2DT9Kj8GgrD8kAAuUIuEYDAxUOFoTkQEnFZkO8tuPEpCfVwtW5DWGS4ayFQyzWRFFIRb1FnkvRqN_DNf9h4yRZsyavDKqDnYpO4sBQcBexdn-Gw_gsmLjroH0IlIvfxnPzEfDbtiU61NHozsNe8b7HPX7VZjrhy9-Cx0Q7F7zEdiRu_sWCBxQ1KTR6cno37H4v1k39bf0BGYpggEQsNKyHo-qJmmk9nsZNJ8yfDPTER2uSD6g_2HI1xub3Ib4RpcXXin-tfeXfYfRbUdOBBt0kVXYxjnlcAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj-n--gytSBAxXs7bsIHWnsAE6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIyIfxoMrUgQMV7O27CB1p7ABOEAEYASAAEgJsAPD_BwE%26num%3D1%26cid%3DCAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB%26sig%3DAOD64_3E7qr-3Xe8Se9i14RBn-SVfuLIBg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BALJ2tpf7rkKejoF1jBjSA03kjOfWTXcQsozw86RE3bJw1PJmkHnelONuPI41TwuhqaaHL7mzca7skmjQb9PZakQh2KBSiO5H2ujIlPzqyqNe7XpYBRwYXvdIJsLfNVFiBE1IACPGQhfCeCvcr88rvkejFe6_dSAFM2PLyJ34klt_s7ME%26cry%3D1%26dbm_d%3DAKAmf-BJsMaREm3_xewQf957yLdEsbD93MUB3R3oMHUVIUqBsBxfe8Y6ZT0fXrT6Pe6sSaqOB_t3Sro7nBFL4it40GXrEVvmWRCtzspU2f78r8VUg7Ay-Wbcdgv9joHCdb-RBgm2EdOZsiIvoitWAEPiAV6HDxsiwidGPcn1kvRQ1ryhoNaI2QHbD5DgwIyfho8p-VHG45X1noKkTGQeq8RNqbPPTxHjBruxXyaheoYs7V4khWdBJh7MIdsVEqw4hYVZE9Cnnbedjf5rniPrZ1KRY09zxmLwHY03Mqc2YDO9Sh52yOmWDRO8YiEKgLY52c5Twq7-Jz7lKcX_-kwYCU3td9WmR7RVkO6snkCzf0tqVXe5ZKrGp9zUj5De-hq25exVx97QFpmiUCxc3qJnZ5_aXERUTFcKNF1cnur4EYiWqm4eJKbu8LWD6ADVbp4voN2nUjkOLczUv3-G7s-c4Z8c3vAQ65oQMu9ROGzGPDOjydbUl78lNt10va-Rj6L0Fd4mmYQA4zs2FTjFM63Q4L8P2X6fetwgJCUEX4BMf_Iw8og_42cX-OgESxH8lnJ-1F4Op0IDUMxzuk-opjA3yEBdP1j9m9F5yGjizNikT5pbYheQX82gKZHeWC24YbURtNrjauF3qew81kmFOAuTPWqo4K7z_mjZyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6662836773409&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=fdc36c03fb&subid=&uid=23a700868a0d2a65&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnnUByUEZZYj_O-zb7_UP6diD8ASRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEnwJP0Ge_W0lF2_sTO62Y--0NNeTCxyS8qRNALj7eSmJ3SHh4wenIR8XsRAU2SgN3RtLNJ413SDXFF3bvKEWUWURJH1ip-d3v4FmE2DT9Kj8GgrD8kAAuUIuEYDAxUOFoTkQEnFZkO8tuPEpCfVwtW5DWGS4ayFQyzWRFFIRb1FnkvRqN_DNf9h4yRZsyavDKqDnYpO4sBQcBexdn-Gw_gsmLjroH0IlIvfxnPzEfDbtiU61NHozsNe8b7HPX7VZjrhy9-Cx0Q7F7zEdiRu_sWCBxQ1KTR6cno37H4v1k39bf0BGYpggEQsNKyHo-qJmmk9nsZNJ8yfDPTER2uSD6g_2HI1xub3Ib4RpcXXin-tfeXfYfRbUdOBBt0kVXYxjnlcAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj-n--gytSBAxXs7bsIHWnsAE6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIyIfxoMrUgQMV7O27CB1p7ABOEAEYASAAEgJsAPD_BwE%26num%3D1%26cid%3DCAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB%26sig%3DAOD64_3E7qr-3Xe8Se9i14RBn-SVfuLIBg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BALJ2tpf7rkKejoF1jBjSA03kjOfWTXcQsozw86RE3bJw1PJmkHnelONuPI41TwuhqaaHL7mzca7skmjQb9PZakQh2KBSiO5H2ujIlPzqyqNe7XpYBRwYXvdIJsLfNVFiBE1IACPGQhfCeCvcr88rvkejFe6_dSAFM2PLyJ34klt_s7ME%26cry%3D1%26dbm_d%3DAKAmf-BJsMaREm3_xewQf957yLdEsbD93MUB3R3oMHUVIUqBsBxfe8Y6ZT0fXrT6Pe6sSaqOB_t3Sro7nBFL4it40GXrEVvmWRCtzspU2f78r8VUg7Ay-Wbcdgv9joHCdb-RBgm2EdOZsiIvoitWAEPiAV6HDxsiwidGPcn1kvRQ1ryhoNaI2QHbD5DgwIyfho8p-VHG45X1noKkTGQeq8RNqbPPTxHjBruxXyaheoYs7V4khWdBJh7MIdsVEqw4hYVZE9Cnnbedjf5rniPrZ1KRY09zxmLwHY03Mqc2YDO9Sh52yOmWDRO8YiEKgLY52c5Twq7-Jz7lKcX_-kwYCU3td9WmR7RVkO6snkCzf0tqVXe5ZKrGp9zUj5De-hq25exVx97QFpmiUCxc3qJnZ5_aXERUTFcKNF1cnur4EYiWqm4eJKbu8LWD6ADVbp4voN2nUjkOLczUv3-G7s-c4Z8c3vAQ65oQMu9ROGzGPDOjydbUl78lNt10va-Rj6L0Fd4mmYQA4zs2FTjFM63Q4L8P2X6fetwgJCUEX4BMf_Iw8og_42cX-OgESxH8lnJ-1F4Op0IDUMxzuk-opjA3yEBdP1j9m9F5yGjizNikT5pbYheQX82gKZHeWC24YbURtNrjauF3qew81kmFOAuTPWqo4K7z_mjZyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6662836773409&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFQrLk8mhLEcVdKoFVdXe3I&google_cver=1
Request Chain 316
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
Request Chain 318
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjllYjM4Y2YtNjhiNC0yZjk2LWNlZTEtYmZkODE3NDRlMmRl
Request Chain 331
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDTjf_Croy0gMMdtjXgm34I&google_cver=1&google_push=AXcoOmQt6EhNS7cpJnFrC-uu_7M4fmd4rEB-58vodhk3AhuibX1xM7YjoCqIqbg6l5ybA_iED7KNyo9_UJz0Ht_QHtFA_tv_a2Ik HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=366bfae4025c15ec&is_secure=true&networkId=14000&version=1&google_gid=CAESEDTjf_Croy0gMMdtjXgm34I&google_cver=1&google_push=AXcoOmQt6EhNS7cpJnFrC-uu_7M4fmd4rEB-58vodhk3AhuibX1xM7YjoCqIqbg6l5ybA_iED7KNyo9_UJz0Ht_QHtFA_tv_a2Ik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtenYgjY-lgMB0hSwAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDTjf_Croy0gMMdtjXgm34I&google_push=AXcoOmQt6EhNS7cpJnFrC-uu_7M4fmd4rEB-58vodhk3AhuibX1xM7YjoCqIqbg6l5ybA_iED7KNyo9_UJz0Ht_QHtFA_tv_a2Ik
Request Chain 333
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEI_Do1nzmkeT-aIOWM_c5QE&c_param1=AXcoOmTqFeDREp02cOhbcPLWhEf5tcHNv8nWxMk_mP8f04v1sHE332L8zmK7Kqmr8B4Ig84Laiyji50Qhtc4G8jvex4D_SMTeaUW&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTqFeDREp02cOhbcPLWhEf5tcHNv8nWxMk_mP8f04v1sHE332L8zmK7Kqmr8B4Ig84Laiyji50Qhtc4G8jvex4D_SMTeaUW
Request Chain 334
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEEM7yASVq7tjf9d_3pSNkFM&google_cver=1&google_push=AXcoOmRreGByPZU_k3G4x_-uv4t0B_GbVLwjy7SPk2azkRKp7hqpRhavnaghPaY1zpZ1ReI2oSN-Mng9IFO82llIvVsFku-_YMUf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZDIzMTkzMThlZjA1NDllMzlmYjUxYTUwYTk1MWVkYWI%3D&UIDF=CAESEEM7yASVq7tjf9d_3pSNkFM&google_cver=1&google_push=AXcoOmRreGByPZU_k3G4x_-uv4t0B_GbVLwjy7SPk2azkRKp7hqpRhavnaghPaY1zpZ1ReI2oSN-Mng9IFO82llIvVsFku-_YMUf
Request Chain 335
  • https://match.360yield.com/match/ebda?google_gid=CAESEOX6akDeXILzvPxSFbC-Bqg&google_cver=1&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQqEWG8O-6g1myo HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOX6akDeXILzvPxSFbC-Bqg&google_cver=1&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQqEWG8O-6g1myo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XgMPEoOtTH-hgR3OBCu2RQ&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQqEWG8O-6g1myo
Request Chain 336
  • https://sync.inmobi.com/gob?google_gid=CAESEAkPgm_ir05d41g_uA5wqnk&google_cver=1&google_push=AXcoOmQHAIbD4lO-KrAN7OtLO30vnLAJu733-dHdH6LK-7NM9hz89DligPe1DH_YHW9jIVY3QWJ-vvIMtBOSc7X03j5jmXIceJyH HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHAIbD4lO-KrAN7OtLO30vnLAJu733-dHdH6LK-7NM9hz89DligPe1DH_YHW9jIVY3QWJ-vvIMtBOSc7X03j5jmXIceJyH
Request Chain 337
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEICcakCUCr7m_7eUHvIOrVo&google_cver=1&google_push=AXcoOmST2fkPLF8JcD7QxtmwYL80CwzVZxdjyD_opDJUlwBeHhY0_5XvDd2Ccwf7e4Y7UPplaX69rzoePN4KKc6S0bnTWXRULGDFtw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D&google_gid=CAESEICcakCUCr7m_7eUHvIOrVo&google_cver=1&google_push=AXcoOmST2fkPLF8JcD7QxtmwYL80CwzVZxdjyD_opDJUlwBeHhY0_5XvDd2Ccwf7e4Y7UPplaX69rzoePN4KKc6S0bnTWXRULGDFtw
Request Chain 359
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDitj-kjvtrKRrg7dlr7JUo&google_cver=1&google_push=AXcoOmQpJwWxiIf2ijUKfcRSfDAI0Ig63Br0SBu61V8ze-kgidE69AJA7Y-A645h6Sl-ZP63q3Tm6Vr8J9P6VmuV7oRuAUJWu3g HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4ca2bcc82d3715b4&is_secure=true&networkId=14000&version=1&google_gid=CAESEDitj-kjvtrKRrg7dlr7JUo&google_cver=1&google_push=AXcoOmQpJwWxiIf2ijUKfcRSfDAI0Ig63Br0SBu61V8ze-kgidE69AJA7Y-A645h6Sl-ZP63q3Tm6Vr8J9P6VmuV7oRuAUJWu3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHyc8EHHsgmQNfXCgIAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDitj-kjvtrKRrg7dlr7JUo&google_push=AXcoOmQpJwWxiIf2ijUKfcRSfDAI0Ig63Br0SBu61V8ze-kgidE69AJA7Y-A645h6Sl-ZP63q3Tm6Vr8J9P6VmuV7oRuAUJWu3g
Request Chain 360
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPx1fUh2vNxV--eByFkHIGs&google_cver=1&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_wy3ZZ-55OM HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPx1fUh2vNxV--eByFkHIGs&google_cver=1&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_wy3ZZ-55OM&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_wy3ZZ-55OM&google_hm=HaZyvGZHzu9H2AHGSUuXnlbK
Request Chain 361
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDFNvKmA9sXtjTg7eVtLWc0&google_cver=1&google_push=AXcoOmRCcEcUcVWPv95L32eM_FwOLn6hAhOXf4txDUR6FpqD8RMjWM06gEG-1NSFYz4X60PL0QgTB1FpY8tdsnyfp4tsHkivDw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRCcEcUcVWPv95L32eM_FwOLn6hAhOXf4txDUR6FpqD8RMjWM06gEG-1NSFYz4X60PL0QgTB1FpY8tdsnyfp4tsHkivDw
Request Chain 362
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKqgpBjJp9DD_kQxXpJ0BNQ&google_cver=1&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RLlhEX_TdZIk-DD16K2IcIUqgS3A6NOuFs3TE HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RLlhEX_TdZIk-DD16K2IcIUqgS3A6NOuFs3TE&google_gid=CAESEKqgpBjJp9DD_kQxXpJ0BNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA0Mjc1MDU4NDIyMjg0NDU0NTM2&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RLlhEX_TdZIk-DD16K2IcIUqgS3A6NOuFs3TE
Request Chain 363
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMtaWNuKCXVpgWHD-UwAtvM&google_cver=1&google_push=AXcoOmT8AafuRlSOf4fTm9cCb2VNZt7yhGkEdHKxQ1YUBZ3Zrm3i4kf4YPUymcZ87ZsdQiLpw7c2h9mlEp8rcKRRW_Flr7aOAsU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&mn_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmT8AafuRlSOf4fTm9cCb2VNZt7yhGkEdHKxQ1YUBZ3Zrm3i4kf4YPUymcZ87ZsdQiLpw7c2h9mlEp8rcKRRW_Flr7aOAsU&gdpr=&gdpr_consent=
Request Chain 364
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEAolx4V-mzF2RamLXaV-Aw&google_cver=1&google_push=AXcoOmR7qaZn3kctX1wRYbdZYhoGpirIJUFZW6z2CrgBEgmEkLytFf3MXn1QS27lkWBli4r28p54r-z0IeQqmq7qq86oWzQHvKlj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qaZn3kctX1wRYbdZYhoGpirIJUFZW6z2CrgBEgmEkLytFf3MXn1QS27lkWBli4r28p54r-z0IeQqmq7qq86oWzQHvKlj&google_hm=Mjk1ODA1OTM0MTIwNjAyMzcw
Request Chain 365
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBEMVVTSolNHANRWs-14XrE&google_cver=1&google_push=AXcoOmSZpL-1dSbM-lRsaYMofxoiDI2seKmVSB1e3aP8NFcNfiJJHP_CxaflN-gp-XezFJ5zrRGrgYEucXInzoFqiiQxGIsAvR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk&google_push=AXcoOmSZpL-1dSbM-lRsaYMofxoiDI2seKmVSB1e3aP8NFcNfiJJHP_CxaflN-gp-XezFJ5zrRGrgYEucXInzoFqiiQxGIsAvR4 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 371
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qGiJH3xBa3VBZmlhaU9PQkVORmRVTlAzcTNkT29ucFFsMlhuMUovbmtrL05kbnMyMHlZL0N4dFNCbUU4dnVSYytEL0xkbFpsWnhOY2RiOFhvYnI2bXNrQ29qUU51TlF4MzczdGM0b0pOQXdtd2pVOGtyUkh3eHg4M25zOWZiMkxwOTd1Tmc3RFV0QUdzMGE4NnRZcXhKcjRLUWtSZXJoSnZmTGlXM0lWVGVlWHl4UzRISzBmRWNtek5Ib3g1L3dFY3pZODN5WCsramVpcGtCcUJZMDBIUzRyb3diVENiWFFId2NtQkJaRWJqNjY4OEFrVE9NSUM4OWNLZUdPNXpzNVRXb040a0NERkxFcmNhOVM3a1JtbUV6UHJaUT09fA&cppv=2
Request Chain 403
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wlrYPsBeij7ZWI80zAzEYcVa2DLZW48_zVZjutka
Request Chain 404
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5103897635273492050
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
Request Chain 416
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 421
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7839568542138889334
Request Chain 422
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HaZyvGZHzu9H2AHGSUuXnlbK
Request Chain 424
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696154061151 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1068685583 HTTP 302
  • https://sync.1rx.io/usersync/turn/3848987879357663383?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-90e355a0-243d-4d00-bf94-671ecd6f796f-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
Request Chain 425
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=295805934120602370
Request Chain 426
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=b76e92d8-5d36-43bc-aaf2-03021a9438c8
Request Chain 427
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 428
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
Request Chain 429
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-16c69828-64ab-31fa-9b6f-1badcbb2dd03&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMyAiIMOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMyAiIMOAE= HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-16c69828-64ab-31fa-9b6f-1badcbb2dd03&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMyAiIMOAI=
Request Chain 430
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
Request Chain 432
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 433
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=e428bd8c-4627-4b4b-bcc9-2e3b89a89be0
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5hM73eSqDfR8nbxr3hyM4&google_cver=1
Request Chain 440
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRlBzQAUiiMf8AAb HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRlBzQAUiiMf8AAb&_test=ZRlBzQAUiiMf8AAb
Request Chain 441
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D92e12682-810f-475d-975b-6d4183e87980-651941cd-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D92e12682-810f-475d-975b-6d4183e87980-651941cd-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D92e12682-810f-475d-975b-6d4183e87980-651941cd-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D92e12682-810f-475d-975b-6d4183e87980-651941cd-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D92e12682-810f-475d-975b-6d4183e87980-651941cd-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
Request Chain 442
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7308033868154914967
Request Chain 443
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZRlBytX2FjzeDy.4kC0mEAAA%262128&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZRlBytX2FjzeDy.4kC0mEAAA%262128&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a9c884ec10114329b80a551bd1c5ac42 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a9c884ec-1011-4329-b80a-551bd1c5ac42 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a795d549-ea2a-4d25-87d7-c429aaea30b8%3A1696154061.8931248&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da795d549-ea2a-4d25-87d7-c429aaea30b8%253A1696154061.8931248%26_%3D1696154061.8952754&cb=1696154061.8953087 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=295805934120602370&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da795d549-ea2a-4d25-87d7-c429aaea30b8%253A1696154061.8931248%26_%3D1696154061.8952754 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a795d549-ea2a-4d25-87d7-c429aaea30b8%3A1696154061.8931248&_=1696154061.8952754 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdhNzk1ZDU0OS1lYTJhLTRkMjUtODdkNy1jNDI5YWFlYTMwYjg6MTY5NjE1NDA2MS44OTMxMjQ4EAAaDQjOg-WoBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAt48-CS3AGZQ2FlXF_uwlk&google_cver=1
Request Chain 446
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7839568542138889334
Request Chain 448
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACLek7KMoQAABkYTfiLDg&expiration=1697363661
Request Chain 449
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
Request Chain 450
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=v7gPyH3Westtr2R5pbhQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128&tc=1
Request Chain 451
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6dda1867-4b27-a4dc-7638f403
Request Chain 453
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711965261&external_user_id=319def23-936b-4aad-a86a-d1adbf10801b
Request Chain 461
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7839568542138889334&gdpr=0&gdpr_consent=
Request Chain 463
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LN7ABYR9-12-I51O HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LN7ABYR9-12-I51O
Request Chain 464
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7839568542138889334
Request Chain 465
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e29ab133-f973-4979-8d78-863b132e5796&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e29ab133-f973-4979-8d78-863b132e5796&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=EGSDdhJg0XYLZtR8HjKfKRdkg3oLZdR3H2g1wY5_ HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 466
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28zzERhRuctcg_n8UpB1NWD8GKm18gfD0qDbli3qS5b-g-0Xso9BPtJi9EFPxlo3Ly%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28zzERhRuctcg_n8UpB1NWD8GKm18gfD0qDbli3qS5b-g-0Xso9BPtJi9EFPxlo3Ly%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e29ab133-f973-4979-8d78-863b132e5796&obuid=ENC(zzERhRuctcg_n8UpB1NWD8GKm18gfD0qDbli3qS5b-g-0Xso9BPtJi9EFPxlo3Ly)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 467
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=62b94f75-89d6-4964-bc7a-f58c15f62df8
Request Chain 468
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c070b215-1837-5379-4f20-88ccc3bd1025$ip$45.12.222.173
Request Chain 469
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jHibKHNE2pceP5ZW5g.ZCWN62Cdm5shj3BIr~A
Request Chain 470
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9b60f9fc-cd11-4cf1-aedd-4c7e6c5125ef
Request Chain 472
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e29ab133-f973-4979-8d78-863b132e5796&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=atWLoKkMLzw5YkcuBW4L&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YLUK5GG6S3LJVGHU5ZVLFVWG5KCK42EYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YLUK5GG6S3LJVGHU5ZVLFVWG5KCK42EYJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=atWLoKkMLzw5YkcuBW4L&us_privacy=1---
Request Chain 473
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=5e030f12-83ad-4c7f-a181-1dce042bb645
Request Chain 474
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=ZysGJGiHh59B&ev=1&pid=558355
Request Chain 475
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8565809872872338097
Request Chain 477
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5103897635273492050&gdpr=0&gdpr_consent=
Request Chain 478
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRlBzQAUi8ogdAAb HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZRlBzQAUi8ogdAAb&gdpr=0&gdpr_consent=&_test=ZRlBzQAUi8ogdAAb
Request Chain 482
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRlBzcCo5tEAAFB4Lm0AAAAA
Request Chain 484
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=v7gPyH3Westtr2R5pbhQ&pi=gumgum
Request Chain 485
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 486
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7536703685 HTTP 302
  • https://sync.1rx.io/usersync/turn/3848987879357663383?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
Request Chain 489
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=6961335048452890773 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/4bc18ecf-028c-5212-8271-5027e76811ea
Request Chain 491
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 492
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7839568542138889334 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 493
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRlBytX2FjzeDy.4kC0mEAAA%262128
Request Chain 494
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=0cdd0901-de51-4e66-a399-fc969da5a65b
Request Chain 495
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=e3fb81bac0b304f6b4a50af1b18e39d7
Request Chain 496
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=704275058422284454536
Request Chain 499
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ce6f8cf02ffae71f1b53ed9bd02c49c20dfbbfcfc16927d7a7b64dc3881a58d1
Request Chain 500
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 502
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839568542138889334&gdpr=0&gdpr_consent=
Request Chain 503
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ
Request Chain 504
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284926220982155403&gdpr=0&gdpr_consent=
Request Chain 505
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=7770044e-8f11-4e3b-85f1-ab29f21dabd9&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 506
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wHCyFRg3U3lPIIjMw70QJS0M3q0&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 508
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 509
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTGVrN0tNb1FBQUJrWVRmaUxEZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACLek7KMoQAABkYTfiLDg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACLek7KMoQAABkYTfiLDg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACLek7KMoQAABkYTfiLDg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8565809872872338097&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACLek7KMoQAABkYTfiLDg&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 510
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc214cf7a96314076b8420558a1f0d478 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Request Chain 513
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=295805934120602370
Request Chain 514
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8548314120831880462 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Request Chain 517
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 520
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9xTkMOsiQfOFlNROM-1RXQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 521
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=&ct=y
Request Chain 522
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2903304955
Request Chain 523
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F714E430-EB22-41F3-8594-D44E33ED515D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODFocnIzV0J6UG1SRWVpcVdWQUctS3JMZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5103897635273492050&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 524
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjcxNEU0MzAtRUIyMi00MUYzLTg1OTQtRDQ0RTMzRUQ1MTVE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 525
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEClaJIBvbieIG9Db4R6dKEM&google_cver=1
Request Chain 527
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5103897635273492050
Request Chain 529
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F714E430-EB22-41F3-8594-D44E33ED515D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-u8iOg0pE2uWMYt__YKyZDFpcm76oDV0-~A&gdpr=0
Request Chain 531
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
Request Chain 532
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=43ec2ef0fa51170a&is_secure=true&networkId=17100&version=1&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtenYgjY_-ANvZMedAAAAAAA&expiration=1696240461&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 533
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848987879357663383&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 534
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c3696341-529d-41a2-b836-345bcc34c428&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Request Chain 535
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LN7ABYR9-12-I51O HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LN7ABYR9-12-I51O
Request Chain 537
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5103897635273492050&gdpr=0&gdpr_consent=
Request Chain 538
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=8565809872872338097&gdpr=0&gdpr_consent=
Request Chain 539
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7284926220982155411&gdpr=0&gdpr_consent=
Request Chain 540
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACLek7KMoQAABkYTfiLDg&partnerid=127&gdpr=0
Request Chain 541
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5103897635273492050
Request Chain 543
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/56f5c1f5bf51abfddb1d108886a19b3d?gdpr_consent=&gdpr=0
Request Chain 544
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=56f5c1f5bf51abfddb1d108886a19b3d&gdpr_consent=&gdpr=0
Request Chain 546
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7839568542138889334 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 549
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/60446b6462021c733a54cc63ead0270046f117c95deb81692c5c7102108b27c2
Request Chain 566
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e776ddc0e770d2f5/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznTTUQQjanTTaQXMV%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a11c05dcd551d7b8ac4c8c3a542a04a3&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DkODCF8PznTTUQQjanTTaQXMV%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTUQQjanTTaQXMV&gdpr=0&gdpr_consent=
Request Chain 568
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
Request Chain 569
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5758106341
Request Chain 572
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 573
  • https://pixel.onaudience.com/?partner=214&mapped=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e210bf7d78b5df11/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a11c05dcd551d7b8ac4c8c3a542a04a3&gdpr=0
Request Chain 575
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 576
  • https://pixel.onaudience.com/?partner=214&mapped=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d08cd4c9688de66e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 578
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8f9bc30995aefe6d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSMRhjYaRRVgnMnUQ%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a11c05dcd551d7b8ac4c8c3a542a04a3&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D0E2y59DCSMRhjYaRRVgnMnUQ%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSMRhjYaRRVgnMnUQ&gdpr=0&gdpr_consent=
Request Chain 580
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
Request Chain 581
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4912066749

578 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
www.bg3.co/a/ 		61 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ade60f9c0549db403e2b5b7a5efdf8d71fe1b022afb0b2044716067f41590e40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:16 GMT
etag
"f236-m10T6JaxDrrV90TKyY54mA9/wJs"
expires
Sun, 01 Oct 2023 09:55:16 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 01 Oct 2023 09:54:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73010
x-xss-protection
0
server
sffe
etag
"b44d49b4390daba4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 01 Oct 2023 09:54:16 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 01 Oct 2023 09:54:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9649
x-xss-protection
0
server
sffe
etag
"72b1ab72fa86fbb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 01 Oct 2023 09:54:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b3a79df7bbee5141a6ec36cc17ff8afb63a175118f48a01474b28bf9e31cda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29388
x-xss-protection
0
server
cafe
etag
162 / 19631 / m202309260101 / config-hash: 9162079683277741110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:16 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d66a14dc88b2faaa63c6f613ff517dca234caec6572535d0df54ca600fe7d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91234
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 01 Oct 2023 09:54:16 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 15:25:52 GMT
server
cloudflare
age
39844
etag
W/"6516ec80-a1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80f3d2c64f10699b-FRA
expires
Sun, 01 Oct 2023 10:50:12 GMT
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 10:54:17 GMT
date
Sun, 01 Oct 2023 09:54:13 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Sun, 01 Oct 2023 07:00:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/ 		681 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 01 Oct 2023 09:54:16 GMT
content-encoding
br
age
87311
x-cache
HIT
x-client-device
desktop
content-length
145467
x-ap-device
DESKTOP
last-modified
Thu, 28 Sep 2023 16:35:35 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Sun, 01 Oct 2023 10:54:16 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		563 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
32e7ebeb35c190a8014c62673e0d81e8fab28b27b2b8f74a71f73dab5aa62c69

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
f4aDbvL2azkceJCYNufonAgMFoz_c4zK
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:16 GMT
x-amz-request-id
5YHSKW9BRF90R77R
age
9166
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
10
x-amz-replication-status
FAILED
content-length
55664
x-amz-id-2
JGgyrFAxEemv49mZcpxCptXvXIBlBhLb98bcaIuh+e9+PYy1CtCTGKCa0ON/fCDg0x/rI9oLZu4=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sun, 01 Oct 2023 07:21:30 UTC
server
nginx
x-timer
S1696154057.699258,VS0,VE1
etag
"f069ac8b9a5c8f424732c47eb2d53d21a6a9b3b9"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
12
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSCsCv6RM8hu%2FNeha%2BBkAdQi1TB4beKVf%2FtrjOgU%2BDAiOyYT706EKGbKtWznzVTmc0X58G9TIR1jaI08o06NsQUXPVTkO2XgGJhpTKwywE3hR2aU5SHvX%2BDXaUo2A58i0cjbkeqyyBQQdIAJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80f3d2c9cb6ebb85-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		316 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:16 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
09/30/2023 06:49:35
cdn-pullzone
873945
last-modified
Sat, 30 Sep 2023 06:49:13 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6517c4e9-4eedb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
5cb166cd1dc1455e906110eda532e09e
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
t.php
c.statcounter.com/ 		192 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=C03B159C4EF34FF5AA7B7F5D603A5BFE&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&t=%E5%A5%A7%E6%96%AF%E5%8D%A1%EF%BC%8F94%E6%86%91%E9%80%99%E5%B9%95%EF%BC%81%E3%80%8A%E6%B7%91%E5%A5%B3%E9%B3%A5%E3%80%8B%E6%AF%92%E8%88%8C%E5%AA%BD%E4%B8%80%E9%8F%A1%E5%88%B0%E5%BA%95%E7%88%86%E5%82%AC%E6%B7%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1900&sc_rum_e_e=1915&sc_rum_f_s=0&sc_rum_f_e=1886&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
80f3d2c6cf5d699b-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20230926-6-RELEASE.js
cdn.taboola.com/libtrc/ 		810 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230926-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e08f7e9f6ae30abe3a4bbad4c5c8df2735a5ad29b1f42acea863affb94a1f549

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BLybIuE9YkGY9sxlqcmTo5hz4J19m5k4
content-encoding
br
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:16 GMT
x-amz-request-id
0NK5ZDH0YVYGYZW3
age
22911
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171513
x-amz-id-2
NHohfvWym9cNWbJyjuEIfKvG0we4gM9OAcQHt0zjGzjPI3iUd4zwR0ps0yhfXsWyVD/I7spApTI=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Tue, 26 Sep 2023 11:29:01 GMT
server
AmazonS3-br
x-timer
S1696154057.799393,VS0,VE0
etag
"2f2b20a97162de175dc8a6751e2941f3"
vary
Accept-Encoding
content-type
application/javascript
abp
40
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
74981
e7eb61fcc7ea1f06b2a72c40f8f8fbdc.jpg
static.bg3.co/imgs/202105/ 		0
0
1bfb9e85f5fbd815a3ca7e0c300cea73.jpg
static.bg3.co/imgs/202106/ 		0
0
50e6bfe24f8c528de829b9c6b124a8c2.jpg
static.bg3.co/imgs/202105/ 		0
0
317223c721bd8a51206a9d31e3cda518.jpg
static.bg3.co/imgs/202105/ 		0
0
0e2424ea71a504ca314d0c381dba894f.jpg
static.bg3.co/imgs/202309/ 		0
0
11ee01128642dc85086008c0801e13c1.jpg
static.bg3.co/imgs/202105/ 		0
0
3053d4a4ad3d0e40a78553b0de60d06a.jpg
static.bg3.co/imgs/202105/ 		0
0
d35f2352a21e5fdaced3df335fad6d6d.jpg
static.bg3.co/imgs/202105/ 		0
0
90365ec27911f1661506eef194904f8f.jpg
static.bg3.co/imgs/202105/ 		0
0
408e6ebf7d0fe0e81ee9eb1a0c5f2c29.jpg
static.bg3.co/imgs/202106/ 		0
0
779ec41e9438d87926769f12873d32b7.jpg
static.bg3.co/imgs/202105/ 		0
0
c98665426b0cb0137e55a24db4c50570.jpg
static.bg3.co/imgs/202105/ 		0
0
d5ad1b9156601ced92f13f6df35b7052.jpg
static.bg3.co/imgs/202105/ 		0
0
063c032fc0dc20ad28c3229fd90ca4d3.jpg
static.bg3.co/imgs/202309/ 		0
0
3eba5a515f75e890a81e6a9bdcb604af.jpg
static.bg3.co/imgs/202104/ 		0
0
9101b6b4693153d7825cf1cc776b18c5.jpg
static.bg3.co/imgs/202105/ 		0
0
8da9833ad429efbe52a79d754f304da3.jpg
static.bg3.co/imgs/202106/ 		0
0
cc7234c943917554171c4c25c848cabd.jpg
static.bg3.co/imgs/202105/ 		0
0
6cff1431aea567b0c63630bd4dbf0ffa.jpg
static.bg3.co/imgs/202309/ 		0
0
5cff97f17eb09556dc07f72cb0ae4850.jpg
static.bg3.co/imgs/202105/ 		0
0
d309d5c82336847fa3e59b38b799c38e.jpg
static.bg3.co/imgs/202105/ 		0
0
f0102cabb87464e7b6f48cca1e49ff28.jpg
static.bg3.co/imgs/202106/ 		0
0
eceade44c20edd4043db93443a6e84f2.jpg
static.bg3.co/imgs/202105/ 		0
0
e933ed26638236f65c323964af576d2e.jpg
static.bg3.co/imgs/202106/ 		0
0
59287d9c0336408b8bcc0db3a61bcd65.jpg
static.bg3.co/imgs/202106/ 		0
0
15be1da2f14a55cd4ca10ed3cf0f9238.jpg
static.bg3.co/imgs/202106/ 		0
0
d5f1b6cb4a482f493e942466749b5a13.jpg
static.bg3.co/imgs/202106/ 		0
0
b71a4a711c299a8e4f586c3245c9e2a8.jpg
static.bg3.co/imgs/202105/ 		0
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39r0&_p=122870061&cid=1391071136.1696154057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696154056&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dt=%E5%A5%A7%E6%96%AF%E5%8D%A1%EF%BC%8F94%E6%86%91%E9%80%99%E5%B9%95%EF%BC%81%E3%80%8A%E6%B7%91%E5%A5%B3%E9%B3%A5%E3%80%8B%E6%AF%92%E8%88%8C%E5%AA%BD%E4%B8%80%E9%8F%A1%E5%88%B0%E5%BA%95%E7%88%86%E5%82%AC%E6%B7%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		410 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 08:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3512
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132541
x-xss-protection
0
server
cafe
etag
15229329507080665565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 30 Sep 2024 08:55:44 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:14 GMT
age
397382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2976
x-xss-protection
0
server
sffe
etag
"07fb3dc7eac63481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:14 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309151607000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 19:31:14 GMT
age
397382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3936
x-xss-protection
0
server
sffe
etag
"3d96bab6a7d5a37d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Sep 2024 19:31:14 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
915957
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230077-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1696154057.991382,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 813351
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230926-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
230631
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		75 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A54%3A16.952&lti=deflated&data=%7B%22id%22%3A56%2C%22ii%22%3A%22%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696078399378%2C%22vi%22%3A1696154056949%2C%22cv%22%3A%2220230926-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html%22%2C%22vpi%22%3A%22%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4848%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A4727.640625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230926-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d71e93ba8c6365cb7a7d9dbad18b90bbbff488cf7b75780a787aefdac2613816

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
649
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.4731249999999998
x-fastly-to-nlb-rtt
64043
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230103-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696154057.972396,VS0,VE649
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
age
1448594
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Sep 2024 09:54:17 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
age
4416879
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Sep 2024 09:54:17 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
age
1448594
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Sep 2024 09:54:17 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYxNTQwNTcwNzIsInBhY2tldElkIjoiMDAwMEE3MDEtZDk4MzNlMTUtYTk1Yi00MWJjLTkxZmYtZTZiYTgxM2MxMGIzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXFpYS05NHBpbmctemhlLW11LXNodS1udS1uaWFvLWR1LXNoZS1tYS15aS1qaW5nLWRhby1kaS1iYW8tY3VpLWxlaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=2243.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYxNTQwNTcxNjYsInBhY2tldElkIjoiMDAwMEE3MDEtZDk4MzNlMTUtYTk1Yi00MWJjLTkxZmYtZTZiYTgxM2MxMGIzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXFpYS05NHBpbmctemhlLW11LXNodS1udS1uaWFvLWR1LXNoZS1tYS15aS1qaW5nLWRhby1kaS1iYW8tY3VpLWxlaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2336.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYxNTQwNTcxNzAsInBhY2tldElkIjoiMDAwMEE3MDEtZDk4MzNlMTUtYTk1Yi00MWJjLTkxZmYtZTZiYTgxM2MxMGIzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXFpYS05NHBpbmctemhlLW11LXNodS1udS1uaWFvLWR1LXNoZS1tYS15aS1qaW5nLWRhby1kaS1iYW8tY3VpLWxlaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2340.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYxNTQwNTcxNzIsInBhY2tldElkIjoiMDAwMEE3MDEtZDk4MzNlMTUtYTk1Yi00MWJjLTkxZmYtZTZiYTgxM2MxMGIzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXFpYS05NHBpbmctemhlLW11LXNodS1udS1uaWFvLWR1LXNoZS1tYS15aS1qaW5nLWRhby1kaS1iYW8tY3VpLWxlaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2343.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		206 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=803785872138801&correlator=1160054463190749&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696154057183&lmt=1696146857&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1391071136.1696154057&ga_sid=1696154057&ga_hid=122870061&ga_fc=true&dlt=1696154056605&idt=393&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0_pv%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0664f1a5c21f1d413d8be86a5f116e6d8ad1a59eeac6b72ebbb368dcfad7ef43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56229
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EFE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:17 GMT
expires
Mon, 30 Sep 2024 09:54:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 12:37:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
76621
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13202
x-xss-protection
0
server
cafe
etag
9134410016569746439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 29 Sep 2024 12:37:16 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYxNTQwNTcxNjYsInBhY2tldElkIjoiMDAwMEE3MDEtZDk4MzNlMTUtYTk1Yi00MWJjLTkxZmYtZTZiYTgxM2MxMGIzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FvLXNpLXFpYS05NHBpbmctemhlLW11LXNodS1udS1uaWFvLWR1LXNoZS1tYS15aS1qaW5nLWRhby1kaS1iYW8tY3VpLWxlaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2363.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 08 Oct 2023 09:54:17 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231001
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010e75d6be03368f6ac396722adc361e381ea8d0bff95476c254a92a7703e21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21208
x-jsd-version
1.0.1829
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"637-NPj3CgtQPjxOVsEdk7j+bM2vzXs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s2D8vuKHKyP8BJV19IBkT3FdHy97WpxyYIJ95RwD%2BbAY1AVvsfcyj%2FMKjoW4jc02pzSTix82Gb3Wkl3ah85Av%2BhzTQDkH5FXGqhlKeD5%2FxEb%2BQ7htRb%2BcY9cp4EXmWvaR9Vbu%2FMoyMNRGhp40w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80f3d2ca19333cbc-CDG
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=65072097820&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 01 Oct 2023 09:54:16 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9d3c3b14989fff6ff78794c4e9563df6431537b5d4646b02e92339586754888c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 01 Oct 2023 09:54:17 GMT
prebid
ib.adnxs.com/ut/v3/ 		248 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
36790f007497543bb12c8fcfbf547b038ed0507336e3fc1613ef58683e86be33
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
an-x-request-uuid
ef8b38c7-b369-4316-bce5-ac33bc1aba86
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
248
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
4a3f9d24c2bc8ebbba07d620ee0211f8196f624fa139869d167283a3332accf6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.130.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=bfc47d0c-2f01-4867-a017-523febbacab0%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E5%A5%A7%E6%96%AF%E5%8D%A1%EF%BC%8F94%E6%86%91%E9%80%99%E5%B9%95%EF%BC%81%E3%80%8A%E6%B7%91%E5%A5%B3%E9%B3%A5%E3%80%8B%E6%AF%92%E8%88%8C%E5%AA%BD%E4%B8%80%E9%8F%A1%E5%88%B0%E5%BA%95%E7%88%86%E5%82%AC%E6%B7%9A&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=d31576c9-b30f-4d6f-8878-cc3202da5331%3Bc01f8ba6-0d14-482f-ac4f-eb6fdf248ef5&l_pb_bid_id=11e4709eb9f71dc%3B125e3b0693e6afd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d31576c9-b30f-4d6f-8878-cc3202da5331%3Bc01f8ba6-0d14-482f-ac4f-eb6fdf248ef5&rp_maxbids=1&slots=2&rand=0.8027632983510071
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
51875d1f0cd0edb7ba2a1df7a32c63f5a55b14fda5bfa3e10e90c38dd8809b23

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		723 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1708
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.11.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-11-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80f3d2ca4e005d3a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80f3d2ca4e015d3a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.45.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-45-150.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
358cde51e2732f6a5b501c7ce56dc9b141bded58d4732a5d7f31cb62fac48d12

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 01 Oct 2023 09:54:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/ 		36 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a002220b72087220512f456af8b863a01340541c1ab31298bd485317cd32584e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOIrcmTT1wg4zmNGrwEXuJaSpkeG7tfnebM2N6S1jZY%2BV6QKOHaoJirfcxi0Uj5Y5uFXBXmxiJCrIBG%2BpQauVeUMigtnwcx4JBsJQ2rj1BdSW0HGRAHQr7zJ1%2BrLfuXlM9kyZ6aU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80f3d2ca3ce824c0-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d01ed74362af887d7c0d8a940a42773d2866fde76b8d53620218619ffc66cb4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSdiUm8YulmTFaqlKw6eNJ19S1nRZQDW1sQDkXUFYLp2Q0eDV0AkxvyLppqlTPOqnLDBmPT0CNce5xS6ccMI%2BIUnnPfmFpfNiVmmHkk0miRQ6VR%2FuKlNDK1b5NcJs49c4RaGIOuo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80f3d2ca3cee24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d01ed74362af887d7c0d8a940a42773d2866fde76b8d53620218619ffc66cb4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1ZlSj3W58thDNyuQg8xCk6%2B2Np1Ja3JG1m9AII2PaITy3oooxDtNAW3zHkwzlEdwglPZwtIAeUyhYKdnKO4h1SqRKh2Q3HJDNOtxmWHwT8TQbT%2BQLaO2ArcULD330VkZ0WLAPEr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80f3d2ca3ced24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 01 Oct 2023 09:54:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
69
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
5557ef8cb4dd63b5219c8e7f8a6feb6d65157d0b817d4a7c8b69bd69d6a35aea

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid-request
a.teads.tv/hb/ 		415 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
62af0f0e9c56a9df4e8fb2b27152659788f810e79d41318427b3b79a728e7a86

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
306
expires
Sun, 01 Oct 2023 09:54:17 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12009
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIwmotOB5eg8ZI6k8kJ7dvhhfvhxwMpgB2teGjSSWpTG%2B43ZAhqTVffrqRm9DNCIr%2Bah%2FYG3nlahwp4t8r%2BAIdcAdKOc5cLOkX3dhUdKv6NTp5SRP1%2F0RvdOzINOfYZ2iu9%2B8luQAqaD41NW8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
80f3d2ca0ba7bb85-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
072855eaaa1382d69118efb9ad218d835e3f274ddd465f9f270b7f0876bf0af4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8493327598150311&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2437:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:08:10 GMT
via
1.1 a2452e877ff8ccfc473a95b378cd3510.cloudfront.net (CloudFront)
x-amz-cf-pop
MAN51-P1
age
2768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
4JYut1hB5KhyZkKK_Iqghdsviv8BpbvxfhHI-1i0z9zruL3w67DAqA==
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.144.5.218 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
139-144-5-218.ip.linodeusercontent.com
Software
/ Express
Resource Hash
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 01 Oct 2023 09:54:18 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3609
etag
W/"e19-vwRj2d0Nu4XpH6939n9fbHUAS6s"
content-type
application/json; charset=utf-8
pixel;r=1999847200;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1999847200;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1527386353-1696154057343;pbc=bfc47d0c-2f01-4867-a017-523febbacab0;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696154057508;tzo=-120;ogl=;ses=f9385d40-7526-4ccd-b55f-a2d13edc8a73;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cca96cd106699d8f17ed674c6a17a62c26ff33303c66394d59979946a2c161
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12130
x-xss-protection
0
container.html
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5EC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:17 GMT
expires
Mon, 30 Sep 2024 09:54:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
floating-unit.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e8e93a07c22b0beb4570abe4254a8e6072e6458e39ef47b346699b3292ec53e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1eK6XiPQ.sal60.OP7m0.zmH0Q_oPLCv
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
C8C4RCQZ1P1SHZQ6
age
71057
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
N16h1UdbmwGuv3DFHNFqBLMviQRvFkjlmrmOk0vLHrYaF+kPuV4EmY8TD73f6IuiW7DJtdfLgOE=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:10:01 GMT
server
AmazonS3
x-timer
S1696154058.710826,VS0,VE0
etag
"608bbdba041b831e000831e9d6a1f82a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14699
taboola-vignette-new-scanning.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d9f6cdc72459fe781e474e3f20f8e571bdadd848477b35290aeaef14984920e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
m5x4Lxz5zLQGsV.MP0NSljRQPfIjQgK_
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
QSES653JDEQJGWNN
age
71031
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
eoqXL3fJG8WjP80Ws+IpxZ/w3hsj0A5WSlJJVaLI2eAe4GRlJeg2fb7tbm1+lsjITki1CrEYFLk=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:10:27 GMT
server
AmazonS3
x-timer
S1696154058.712056,VS0,VE0
etag
"d0943a7b87368ebb51fdfab730eac805"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12603
distance-from-article.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11970b738fc4cd719bf769ec2dc46cd095d4cee7974a578cbb467fd6aa80ff92

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yMTfF0TG5uqqL9wKIvvk7svRGxcO3Rr2
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
1NB3P1BM16KSJ79F
age
71071
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
g1Zh6ykGr3+4PZeWVlS8EcMvdyUB6P/KMnkKgMu34pCA2/et0QXREwPhF5Eb3EWdQwCo8S9bhus=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:09:46 GMT
server
AmazonS3
x-timer
S1696154058.723009,VS0,VE0
etag
"1084fe114ee2543be9dc09c8f7e2ea12"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
12
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
142721
article-detection.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
139518ebc466fc53d6f7580c4dbda30ddd1f6de47d0ecacf9458a427380a335a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.oPtldVGy1buwW.xMhjYHeO2GAaLpBGt
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
SQFD3Q2SRB8ZN72D
age
71081
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
7IZ4IEjqzvcCJEap4UxbMVXSoeKY5HvfEcZKNnQLhcv3zSkWRGDW8dw22ZeF7UZcSoPekv/vM0w=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:09:37 GMT
server
AmazonS3
x-timer
S1696154058.723241,VS0,VE0
etag
"46d445884bca12d4e9d4329e959dcdd3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
25
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
142842
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.5/ 		124 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230926-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0184c504cb17eca263d2767e44a9c32662cb60821d2744411e70e6c26816a67a

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 2321fbb8557f36154cf3a8b1e2ffc442.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
WAW51-P3
age
346825
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34285
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Wed, 27 Sep 2023 09:33:38 GMT
server
AmazonS3
x-timer
S1696154058.787118,VS0,VE0
etag
"1aea83e6a823fea9d804d1737de139cd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
P_inSwnyd1qgTtlIyY2BEwWR9IhThA12RGe8zljED8QwlNd05-VHgQ==
x-cache-hits
50240
feed-card-placeholder.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8b7faedeb1ea3bfb7cab65e670ae1cc7e9e9a83bd021433a75739cc3f81774

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
V0aPzyur3UJGLi0pK0.rpsL1nEEWsapP
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
0QPHF3HG2Z3EEK8R
age
71065
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
cMJMja/5E5/DKeyNevOE3sEQhR8uJFVSQsMa7h/Gfz6bsHv3V7fGyjcpTGSf7uKc6ZZaq7USV8E=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:09:53 GMT
server
AmazonS3
x-timer
S1696154058.725354,VS0,VE0
etag
"574ae49e33a730f7dad7ebb65153e922"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
24
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
128100
userx.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c521ecf975c872bb8958bef3dc6df89b7f14373128e8f7dbf54b4cce8a408a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wnF.zK1r9wqVYjiBtYFcQOuToYK7fJby
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
55N11D5MD857A7RX
age
71027
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
wIf5dlgW7w9R13pItHW+j/XpcU4uzvdY7Hf+UMF1idwt7GRSLDfNfa6178VICJwNvp7C4aehMD4=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:10:32 GMT
server
AmazonS3
x-timer
S1696154058.728563,VS0,VE0
etag
"fe0f634cb1394c33bdacd6e2ff1738c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
23422
explore-more.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29df9123bb1d402fdd8875cd35e5cc9e21f6f082a7870d1f8f38899db47c259e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wr5B.w8uvPicji5kuRIwL6vYCbXuJh8z
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
62D41CT1717G7EGR
age
71067
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
jCjyzzYb+DGXA9eRbarg7bWM0+b/V0lmh/x89qj1aTYS3w7UEguilu3cflQcudm9vikhJpRN44Q=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:09:50 GMT
server
AmazonS3
x-timer
S1696154058.736389,VS0,VE0
etag
"b697c74969f4a32274f8f491d331ae88"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
71964
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=11%3A54%3A17.698&id=1253&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1696154057699%7D&tim=11%3A54%3A17.699&id=6892&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696154057706%7D&tim=11%3A54%3A17.706&id=3529&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A54%3A17.724&id=7781&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A54%3A17.726&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6180&cv=20230926-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72125
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A54%3A17.727&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=8007&cv=20230926-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72125
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A54%3A17.730&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=9908&cv=20230926-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72125
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A54%3A17.731&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1&cv=20230926-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72125
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A54%3A17.734&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3659&cv=20230926-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72138
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 Oct 2023 09:54:17 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
36
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1696154058.771295,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
23
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
50
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 304D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79bbddd0120a0f82c9981a77eb96848f5ab845e72c70fd92e54fc10698b8827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7890
x-xss-protection
0
server
cafe
etag
15430934972012217270
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:17 GMT
a1ba7f5a1009a001f9d281517b57e957.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be9a8df846b7ee6cf588a71b54efe0d8b9d6fe9ad0f97414ad63ad297b121146

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
age
984709
edge-cache-tag
291836536956982193353030682078571781899,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
291836536956982193353030682078571781899,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
376
req-referer
https://www.tilestwra.com/
content-length
28870
x-request-id
aaf2618c426fd87123cf9e4445f52e9a
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100175-IAD, cache-iad-kiad7000029-IAD, cache-iad-kiad7000171-IAD, cache-fra-eddf8230103-FRA
last-modified
Tue, 19 Sep 2023 14:49:02 GMT
server
nginx
surrogate-reporting
width=1080,height=810,bytes=101634,owidth=1080,oheight=1080,obytes=408035
x-timer
S1696154058.808501,VS0,VE5
etag
"8b73935312850903b03f48b0e1957392"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 1
a1ba7f5a1009a001f9d281517b57e957.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf86ad8e626a8b1e34f895b05c6511929ec3c7b42a0c6a838b9123b06467b7d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
age
987541
edge-cache-tag
291836536956982193353030682078571781899,407998820415262781924857200179179640603,29ecf9b93bbf306179626feeda1fab70
cache-tag
291836536956982193353030682078571781899,407998820415262781924857200179179640603,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
774
req-referer
https://www.leprogres.fr/
content-length
35070
x-request-id
9755c6e468f25e435a9785b03990710b
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200077-IAD, cache-iad-kjyo7100175-IAD, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230103-FRA
last-modified
Tue, 19 Sep 2023 14:49:02 GMT
server
nginx
surrogate-reporting
width=1080,height=540,bytes=101444,owidth=1080,oheight=1080,obytes=408035
x-timer
S1696154058.808380,VS0,VE1
etag
"6eee1df4cdffe437b9179b5246656427"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
1412762526__B45j1ZMl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
042dbdf4daef7d343987ebd3d9e397319bd6ada5378b67b0aba3ed5bfe028925

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
age
229212
edge-cache-tag
481872427851178894932493478534285875483,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
481872427851178894932493478534285875483,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://recordtv.r7.com/
content-length
23516
x-request-id
17cac386c76c185900919ed803acd638
x-backend-name
US_nlb102
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kiad7000056-IAD, cache-iad-kiad7000169-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:32:34 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=35801,owidth=2121,oheight=1414,obytes=1655296
x-timer
S1696154058.819130,VS0,VE1
etag
"5e13744efc2230ad9eb71be574085258"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
de97da4e5ea43a5c120f39621c2b70a3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4ad80d7d73b7f24ebf06c45f0c0440cb9be0f663436a81dd259d4706d1e03a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
age
1123182
edge-cache-tag
408733366898660953393362977677879303429,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
408733366898660953393362977677879303429,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
465
req-referer
https://www.tag24.de/
content-length
26132
x-request-id
0fb0b7590803bc97570298a178c38325
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100170-IAD, cache-sna10722-LGB, cache-iad-kcgs7200079-IAD, cache-fra-eddf8230103-FRA
last-modified
Mon, 18 Sep 2023 00:09:37 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=32563,owidth=1400,oheight=788,obytes=2079237
x-timer
S1696154058.838036,VS0,VE0
etag
"ebf240bc440e635dcd1b9d473ff0f36a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 19
1415732948__GhgEhZKP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d40c46f151ad280dc12a106cb11b28a2eefae19278d85ecf894ca7dd21643cf1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
age
234944
edge-cache-tag
540114414596061119235685458703267615225,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
540114414596061119235685458703267615225,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
889
req-referer
https://www.forzaroma.info/video/video-roma-la-nuova-maglia-spopola-fabri-fibra-la-indossa-al-concerto-allauditorium/
content-length
148906
x-request-id
58cae028baa56b8fd9ef795c0c642e8c
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100095-IAD, cache-iad-kjyo7100138-IAD, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:12:29 GMT
server
nginx
surrogate-reporting
width=920,height=460,bytes=393111,owidth=2121,oheight=1414,obytes=4236036
x-timer
S1696154058.838312,VS0,VE2
etag
"fa2fae33bfaf351aa707fd7ddd58e1bf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
54da53a054596f9e29cf6fde31365ceb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54da53a054596f9e29cf6fde31365ceb.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e30271f2cc06f1a955536bc859f6fe812e9254ec4f4e925471bfd6833b6fe751

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54da53a054596f9e29cf6fde31365ceb.png
age
2735995
edge-cache-tag
602302843817453595664482622917279601061,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
602302843817453595664482622917279601061,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
116
req-referer
https://www.consejosytrucos.co/
content-length
11770
x-request-id
720f528a6528b7b4c8f164c39ab3da58
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100113-IAD, cache-iad-kiad7000140-IAD, cache-iad-kcgs7200159-IAD, cache-fra-eddf8230103-FRA
last-modified
Sun, 06 Aug 2023 19:56:06 GMT
server
nginx
x-timer
S1696154058.840534,VS0,VE3
etag
"40bf112ee06e92efa6086575d3e9050e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 2736, 1
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f7ffef8f085a2c56250bba51835fbb0d64cd1f1b1c898e88179d8febb1fd62a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
2479234
edge-cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
100
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.readbakery.com/
content-length
8080
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000089-IAD, cache-lax10669-LGB, cache-iad-kiad7000113-IAD, cache-fra-eddf8230103-FRA
last-modified
Wed, 16 Aug 2023 14:09:57 GMT
server
nginx
x-timer
S1696154058.848948,VS0,VE1
etag
"2ab09194cbfd18a791103c6697590d5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 212, 1
a1ba7f5a1009a001f9d281517b57e957.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca2b07f9446d0ceac360b211f13c61a71c5ec6e232ae0d28c43dda06221486d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
age
1040467
edge-cache-tag
291836536956982193353030682078571781899,472513363182029983854917396646817295298,29ecf9b93bbf306179626feeda1fab70
cache-tag
291836536956982193353030682078571781899,472513363182029983854917396646817295298,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
883
req-referer
https://ads.taboola.com/
content-length
41692
x-request-id
39486e4c11bb1e9c1ad52965cf177fa0
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200164-IAD, cache-iad-kjyo7100141-IAD, cache-iad-kiad7000112-IAD, cache-fra-eddf8230103-FRA
last-modified
Tue, 19 Sep 2023 08:53:11 GMT
server
nginx
surrogate-reporting
width=1080,height=607,bytes=116949,owidth=1080,oheight=1080,obytes=408035
x-timer
S1696154058.867101,VS0,VE0
etag
"cfbfc5c86f27357d16f4cf4ae0b40742"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 61
1415732948__GhgEhZKP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 		168 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b8d375723ca101d2d8db1a996bddc6b96e0556e7dd32c2e4aaff1cebcfd5db4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
age
229367
edge-cache-tag
540114414596061119235685458703267615225,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
540114414596061119235685458703267615225,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1130
req-referer
https://www.familie.de/
content-length
171662
x-request-id
3944e8e83977fa60bdb258715a6f5db6
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200113-IAD, cache-iad-kiad7000105-IAD, cache-iad-kcgs7200085-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:12:29 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=454842,owidth=2121,oheight=1414,obytes=4236036
x-timer
S1696154058.879054,VS0,VE2
etag
"38525d4461bed399cc3efb4ab54c7de6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
1412762526__B45j1ZMl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15758c2db662873dccb219dd54528a4f11a8408eb7f32ef06a7bf402bd57d773

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
age
228122
edge-cache-tag
481872427851178894932493478534285875483,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
481872427851178894932493478534285875483,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
807
req-referer
https://www.telecinco.es/
content-length
60476
x-request-id
31db80f8e7292021227f0d4388655f0e
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100145-IAD, cache-iad-kjyo7100054-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:32:34 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=91778,owidth=2121,oheight=1414,obytes=1655296
x-timer
S1696154058.884868,VS0,VE1
etag
"98c4d8e691d2ef68b13d879aa6bff57a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
de97da4e5ea43a5c120f39621c2b70a3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b60b0182287c737c56da3e2d3d201a5fd23c492e64a97f8456fff803f800d3a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
age
1124525
edge-cache-tag
408733366898660953393362977677879303429,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
408733366898660953393362977677879303429,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
204
req-referer
https://www.tag24.de/
content-length
95904
x-request-id
730b00498ba37cdd3081fd155563e572
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100120-IAD, cache-sna10730-LGB, cache-iad-kiad7000027-IAD, cache-fra-eddf8230103-FRA
last-modified
Mon, 18 Sep 2023 00:09:37 GMT
server
nginx
surrogate-reporting
width=1400,height=777,bytes=197194,owidth=1400,oheight=788,obytes=2079237
x-timer
S1696154058.884851,VS0,VE0
etag
"06e088bdf961a200adc5c84782eefe84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 145, 40
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 37DB 		714 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
13062
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
80f3d2cd5c399262-FRA
content-encoding
br
content-type
text/html
date
Sun, 01 Oct 2023 09:54:17 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sif7LVC9scFDBd8F96IPibI1LloDIiO86FkxJOhWz6w4EqpyNB%2FtOgfDt7a18XQLR5a1cPZw21bUPih6EDJIZ5YbO4SePKOll78x19IRq0LQrqoPSpPJy235Ep8DQY6yGwoSWpBUSJJjiV0Kdg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 86DE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 Oct 2023 09:54:17 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 01 Oct 2023 09:54:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
connection
close
content-length
35
content-type
image/gif
css2
fonts.googleapis.com/ Frame C5EC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Oct 2023 07:57:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Oct 2023 09:54:17 GMT
7a9087b9716ee70ebefd221ff96707f0.js
www.gstatic.com/mysidia/ Frame B750 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 20:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3907
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 20:39:11 GMT
b82bdfcf262f93dfac65c9464684de08.js
www.gstatic.com/mysidia/ Frame B750 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b82bdfcf262f93dfac65c9464684de08.js?tag=video_mra/web_interstitial_raspberry_ms
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb344dea9b4a69e32922668563cb102cf93a21fe2b83db3e679107ceda5e57f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 20:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53806
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 20:59:48 GMT
css
fonts.googleapis.com/ Frame B750 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600&display=swap
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e51fbbf85baa6453dd65f6100a02acc1b6753b09391a0d3f9c72fbfdda0e9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Oct 2023 09:54:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Oct 2023 09:54:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame B750 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
61520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B750 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 09:05:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B750 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
61519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B750 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:17 GMT
fda82c26911938d9c7ca79f9220f8b0c.js
www.gstatic.com/mysidia/ Frame B750 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 20:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15328
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 20:14:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 20:38:48 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame C5EC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 17:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
60231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 17:10:26 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C5EC 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 21:19:32 GMT
x-content-type-options
nosniff
age
563685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Sep 2024 21:19:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C5EC 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 09:34:53 GMT
x-content-type-options
nosniff
age
87564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 29 Sep 2024 09:34:53 GMT
next-up-widget.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32af3ae0a6d10be15af4a0c6568741621abdf7a47d937b033548d20d4cdd7ece

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ilwCxm9fW3B1m59zBMyHeCDUoaPY1l1h
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
RDXAM4X17YGKP7B6
age
71053
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
OvzWftZueB6hZEgxXEHhjbypIU6yopwQ8ZC4NOwwUVWcxCnsN7jmBNeaJSidicBAwYByXmf1/Xg=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:10:05 GMT
server
AmazonS3
x-timer
S1696154058.848962,VS0,VE0
etag
"5a141bb401071a2b453464c4a92ab9fd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14390
a1ba7f5a1009a001f9d281517b57e957.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf86ad8e626a8b1e34f895b05c6511929ec3c7b42a0c6a838b9123b06467b7d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1080%2Cx_0%2Cy_202/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
age
987541
edge-cache-tag
291836536956982193353030682078571781899,407998820415262781924857200179179640603,29ecf9b93bbf306179626feeda1fab70
cache-tag
291836536956982193353030682078571781899,407998820415262781924857200179179640603,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
774
req-referer
https://www.leprogres.fr/
content-length
35070
x-request-id
9755c6e468f25e435a9785b03990710b
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200077-IAD, cache-iad-kjyo7100175-IAD, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230103-FRA
last-modified
Tue, 19 Sep 2023 14:49:02 GMT
server
nginx
surrogate-reporting
width=1080,height=540,bytes=101444,owidth=1080,oheight=1080,obytes=408035
x-timer
S1696154058.916073,VS0,VE0
etag
"6eee1df4cdffe437b9179b5246656427"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
a1ba7f5a1009a001f9d281517b57e957.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be9a8df846b7ee6cf588a71b54efe0d8b9d6fe9ad0f97414ad63ad297b121146

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
age
984709
edge-cache-tag
291836536956982193353030682078571781899,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
291836536956982193353030682078571781899,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
376
req-referer
https://www.tilestwra.com/
content-length
28870
x-request-id
aaf2618c426fd87123cf9e4445f52e9a
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100175-IAD, cache-iad-kiad7000029-IAD, cache-iad-kiad7000171-IAD, cache-fra-eddf8230103-FRA
last-modified
Tue, 19 Sep 2023 14:49:02 GMT
server
nginx
surrogate-reporting
width=1080,height=810,bytes=101634,owidth=1080,oheight=1080,obytes=408035
x-timer
S1696154058.921272,VS0,VE0
etag
"8b73935312850903b03f48b0e1957392"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 2
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.5%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A54%3A17.845&id=4000&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1243%7D%22%2C%22eventTime%22%3A1696154057847%7D&tim=11%3A54%3A17.847&id=4225&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A54%3A17.854&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7902&cv=20230926-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72138
css2
fonts.googleapis.com/ 		20 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230926-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Oct 2023 09:21:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Oct 2023 09:54:17 GMT
spa-detector.20230926-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230926-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
924f55efbbdb95057902d2ac0af0ef7cfb00b167399aec9ed37f5352414ed63e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vh3EBFas6GH5DRT1qnSuTbXvCbIrWG_M
content-encoding
gzip
via
1.1 varnish
date
Sun, 01 Oct 2023 09:54:17 GMT
x-amz-request-id
8XAZ99BSAQ84E7KP
age
71045
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
+/q2M95gKb1adAVTEDr6EwS0z4qRQnNzJajbvVysNTZOBoz9oGjW0q4blu9aVIRuEUmaixeMkWg=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sat, 30 Sep 2023 14:10:13 GMT
server
AmazonS3
x-timer
S1696154058.879126,VS0,VE0
etag
"ada4eab755ec20ca9cb55bbe640c9016"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
72183
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A54%3A17.855&id=7423&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696154057861%7D&tim=11%3A54%3A17.861&id=5400&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A54%3A17.863&id=2718&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9563&lti=deflated&ri=ade8ec308c5f96a76083d219da623b16&sd=v2_61bd6cbf4bb023ed90b40f35da4a2876_7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749_1696154057_1696154057_CNawjgYQ2YJdGPXxo9WuMSABKAEwKziy0A1AyIgQSOig3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749&pi=/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&wi=1194211334014489649&pt=text&vi=1696154056949&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696154057864%7D&tim=11%3A54%3A17.864&id=9905&llvl=2&cv=20230926-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D59 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
52035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 19:27:02 GMT
expires
Sun, 29 Sep 2024 19:27:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A65D 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
011b857732e7727f79e0365e2df79fcad55e20c37150cf467741de8fb6a844b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m2UTvhXMQ7PLGvBO9dUQXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-m2UTvhXMQ7PLGvBO9dUQXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:17 GMT
expires
Sun, 01 Oct 2023 09:54:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1412762526__B45j1ZMl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
042dbdf4daef7d343987ebd3d9e397319bd6ada5378b67b0aba3ed5bfe028925

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
age
229212
edge-cache-tag
481872427851178894932493478534285875483,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
481872427851178894932493478534285875483,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://recordtv.r7.com/
content-length
23516
x-request-id
17cac386c76c185900919ed803acd638
x-backend-name
US_nlb102
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kiad7000056-IAD, cache-iad-kiad7000169-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:32:34 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=35801,owidth=2121,oheight=1414,obytes=1655296
x-timer
S1696154058.924594,VS0,VE0
etag
"5e13744efc2230ad9eb71be574085258"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 37DB 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1abf74259a5ac7318cb29bf964eef04913224ae7a56cb04f64a8e0084b741418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29320
x-xss-protection
0
server
cafe
etag
419 / 19631 / 31078265 / config-hash: 9162079683277741110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:17 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9hby1zaS1xaWEtOTRwaW5nLXpoZS1tdS1zaHUtbnUtbmlhby1kdS1zaGUtbWEteWktamluZy1kYW8tZGktYmFvLWN1aS1sZWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWQ5ODMzZTE1LWE5NWItNDFiYy05MWZmLWU2YmE4MTNjMTBiMyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI3ZjdjNjc0My1kMDEzLTQ3MTMtOTZiYi1jMDVmYTdiNDdjZjMiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk2MTU0MDU3MjM5LCJiaWRzIjpbeyJjcG0iOjAuMDMsImFkSWQiOiI3NmE2ZjgyNWYxZTI2N2MiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MjIzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjE1NDA1NzQ4M30seyJjcG0iOjAuMDEsImFkSWQiOiI3OTg3YWU0MDU0MDk0ZmEiLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjI1MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTYxNTQwNTc1MDF9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiaXgiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc2YTZmODI1ZjFlMjY3YyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTd9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjdmN2M2NzQzLWQwMTMtNDcxMy05NmJiLWMwNWZhN2I0N2NmMyIsInRpbWVPZkF1Y3Rpb24iOjE2OTYxNTQwNTcyMzksImJpZHMiOlt7ImNwbSI6MC4wOCwiYWRJZCI6Ijc1ZTgxZDE4Y2JhMDA4NiIsIm9yaWdpbmFsQ3BtIjowLjA4LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDgsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjIyMSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTYxNTQwNTc0ODF9LHsiY3BtIjowLjAzLCJhZElkIjoiNzdlNGRhNzE1NDdlZDY2Iiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjIyMywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTYxNTQwNTc0ODN9LHsiY3BtIjowLjAxLCJhZElkIjoiNzg0OTcwYzAxNmE1NmIzIiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoyNTEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk2MTU0MDU3NTAxfSx7ImNwbSI6MC4xNCwiYWRJZCI6IjgwZmE2MTg5Mjc1MzA3ZCIsIm9yaWdpbmFsQ3BtIjowLjE0LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMTQwMDAwMDAwMDAwMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM2MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTYxNTQwNTc2MzB9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjgwZmE2MTg5Mjc1MzA3ZCIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxNDAwMDAwMDAwMDAwMDAwMX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3060.7999992370605
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
de97da4e5ea43a5c120f39621c2b70a3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4ad80d7d73b7f24ebf06c45f0c0440cb9be0f663436a81dd259d4706d1e03a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de97da4e5ea43a5c120f39621c2b70a3.png
age
1123182
edge-cache-tag
408733366898660953393362977677879303429,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
408733366898660953393362977677879303429,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
465
req-referer
https://www.tag24.de/
content-length
26132
x-request-id
0fb0b7590803bc97570298a178c38325
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100170-IAD, cache-sna10722-LGB, cache-iad-kcgs7200079-IAD, cache-fra-eddf8230103-FRA
last-modified
Mon, 18 Sep 2023 00:09:37 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=32563,owidth=1400,oheight=788,obytes=2079237
x-timer
S1696154058.943225,VS0,VE0
etag
"ebf240bc440e635dcd1b9d473ff0f36a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 20
1415732948__GhgEhZKP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d40c46f151ad280dc12a106cb11b28a2eefae19278d85ecf894ca7dd21643cf1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
age
234944
edge-cache-tag
540114414596061119235685458703267615225,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
540114414596061119235685458703267615225,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
889
req-referer
https://www.forzaroma.info/video/video-roma-la-nuova-maglia-spopola-fabri-fibra-la-indossa-al-concerto-allauditorium/
content-length
148906
x-request-id
58cae028baa56b8fd9ef795c0c642e8c
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100095-IAD, cache-iad-kjyo7100138-IAD, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:12:29 GMT
server
nginx
surrogate-reporting
width=920,height=460,bytes=393111,owidth=2121,oheight=1414,obytes=4236036
x-timer
S1696154058.952124,VS0,VE0
etag
"fa2fae33bfaf351aa707fd7ddd58e1bf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=803785872138801&correlator=2357830801101138&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&arp=1&abxe=1&dt=1696154057916&lmt=1696146857&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&ga_vid=1391071136.1696154057&ga_sid=1696154057&ga_hid=122870061&ga_fc=true&dlt=1696154056605&idt=393&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26refresh27Split%3Drefresh_control_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.14%26hb_ap_adid%3D80fa6189275307d%26hb_ap_bidder%3Dteads%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D76a6f825f1e267c%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a9e8c14538bf3d3f332d91916f841dc3a44889b158e373f65a374f7d37e640b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20445
x-xss-protection
0
google-lineitem-id
5221734854,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440838524,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
54da53a054596f9e29cf6fde31365ceb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54da53a054596f9e29cf6fde31365ceb.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e30271f2cc06f1a955536bc859f6fe812e9254ec4f4e925471bfd6833b6fe751

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54da53a054596f9e29cf6fde31365ceb.png
age
2735995
edge-cache-tag
602302843817453595664482622917279601061,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
602302843817453595664482622917279601061,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
116
req-referer
https://www.consejosytrucos.co/
content-length
11770
x-request-id
720f528a6528b7b4c8f164c39ab3da58
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100113-IAD, cache-iad-kiad7000140-IAD, cache-iad-kcgs7200159-IAD, cache-fra-eddf8230103-FRA
last-modified
Sun, 06 Aug 2023 19:56:06 GMT
server
nginx
x-timer
S1696154058.954035,VS0,VE0
etag
"40bf112ee06e92efa6086575d3e9050e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 2736, 2
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f7ffef8f085a2c56250bba51835fbb0d64cd1f1b1c898e88179d8febb1fd62a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
2479234
edge-cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
100
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.readbakery.com/
content-length
8080
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000089-IAD, cache-lax10669-LGB, cache-iad-kiad7000113-IAD, cache-fra-eddf8230103-FRA
last-modified
Wed, 16 Aug 2023 14:09:57 GMT
server
nginx
x-timer
S1696154058.969663,VS0,VE0
etag
"2ab09194cbfd18a791103c6697590d5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 212, 2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 304D 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86da27425eadef5e7cfe8652d3168d6260bd12706bd09304ed0ef8d6f4bd95c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50750
x-xss-protection
0
server
cafe
etag
17344621452513665164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:17 GMT
a1ba7f5a1009a001f9d281517b57e957.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
866018151da9573f1a1a27f72db28272d0a26a4a0bbae2f3e9c4a5e9a87c6ad1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
age
985088
edge-cache-tag
291836536956982193353030682078571781899,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
291836536956982193353030682078571781899,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
16
req-referer
https://revistaquatrorodas.com/index.php/2021/07/18/revisao-do-plug-in-hibrido-land-rover-defender-2021-o-erudito-landie/
content-length
5506
x-request-id
872d4804aa7e9e2d8fbcacee6e6734b2
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kcgs7200034-IAD, cache-sna10735-LGB, cache-iad-kiad7000130-IAD, cache-fra-eddf8230103-FRA
last-modified
Tue, 19 Sep 2023 14:49:02 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=13450,owidth=1080,oheight=1080,obytes=408035
x-timer
S1696154058.030878,VS0,VE1
etag
"dd45a21db10eb202be0b6c184dd0ab35"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 22, 1
1415732948__GhgEhZKP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1efe4c58e023e3413e573feff7ada9e719a752d8fa4fec36c2847c7a4be9dcc9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
age
232227
edge-cache-tag
540114414596061119235685458703267615225,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
540114414596061119235685458703267615225,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
611
req-referer
https://zenlifemag.com/20-healthy-foods-that-will-help-you-fight-depression/?utm_source=taboola_24558323&utm_term=mobitech-tn-launcher_1304163&utm_content=3682447538&utm_medium=GiAqOF8mBj9ATzakg8_RwKdMgfEVsOUzzM7NvvyJTPuYaSDrvlEozZvWjMep7fkB&utm_campaign=FoodsDepression-2-ALL-A-TB-ZLM
content-length
10978
x-request-id
ec7043ef15f28a90a65d5a3e63933e1d
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000128-IAD, cache-iad-kiad7000149-IAD, cache-iad-kcgs7200045-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:12:29 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=22568,owidth=2121,oheight=1414,obytes=4236036
x-timer
S1696154058.030849,VS0,VE1
etag
"ca154cd257d665388bbdbe1a04598530"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
1412762526__B45j1ZMl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5333f10a6cd01688e856436a2cec8999da9fe005a6c1ca2fabd59e0ac21e30f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
age
226770
edge-cache-tag
481872427851178894932493478534285875483,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
481872427851178894932493478534285875483,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
679
req-referer
https://news.lankasri.com/
content-length
8608
x-request-id
adfecf9ba5811fab240882e73de93241
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kiad7000160-IAD, cache-iad-kcgs7200076-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:32:34 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=11263,owidth=2121,oheight=1414,obytes=1655296
x-timer
S1696154058.031177,VS0,VE1
etag
"94d68983395b52153d58497c1502cd5f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
usync.js
eus.rubiconproject.com/ Frame 86DE 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67c8d8003bc0741220785a7d57d2db612a706276388204fa25382986ccce40eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Sep 2023 12:21:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8841
Connection
keep-alive
Content-Length
10474
Expires
Sun, 01 Oct 2023 12:21:39 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/ Frame 37DB 		410 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078265
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0084510e182b973087940eb0cdae2f87b1165a3082bb87bd6db73a2ee8800ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 13:38:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
72955
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132541
x-xss-protection
0
server
cafe
etag
12590920608456914078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 29 Sep 2024 13:38:23 GMT
VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
pagead2.googlesyndication.com/bg/ Frame 090F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
396966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14820
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:12 GMT
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 8D59 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
171294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 10:19:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A65D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309260101&jk=803785872138801&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a1ba7f5a1009a001f9d281517b57e957.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
866018151da9573f1a1a27f72db28272d0a26a4a0bbae2f3e9c4a5e9a87c6ad1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a1ba7f5a1009a001f9d281517b57e957.jpg
age
985088
edge-cache-tag
291836536956982193353030682078571781899,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
291836536956982193353030682078571781899,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
16
req-referer
https://revistaquatrorodas.com/index.php/2021/07/18/revisao-do-plug-in-hibrido-land-rover-defender-2021-o-erudito-landie/
content-length
5506
x-request-id
872d4804aa7e9e2d8fbcacee6e6734b2
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kcgs7200034-IAD, cache-sna10735-LGB, cache-iad-kiad7000130-IAD, cache-fra-eddf8230103-FRA
last-modified
Tue, 19 Sep 2023 14:49:02 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=13450,owidth=1080,oheight=1080,obytes=408035
x-timer
S1696154058.099929,VS0,VE0
etag
"dd45a21db10eb202be0b6c184dd0ab35"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 22, 2
1415732948__GhgEhZKP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1efe4c58e023e3413e573feff7ada9e719a752d8fa4fec36c2847c7a4be9dcc9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1415732948__GhgEhZKP.jpg
age
232227
edge-cache-tag
540114414596061119235685458703267615225,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
540114414596061119235685458703267615225,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
611
req-referer
https://zenlifemag.com/20-healthy-foods-that-will-help-you-fight-depression/?utm_source=taboola_24558323&utm_term=mobitech-tn-launcher_1304163&utm_content=3682447538&utm_medium=GiAqOF8mBj9ATzakg8_RwKdMgfEVsOUzzM7NvvyJTPuYaSDrvlEozZvWjMep7fkB&utm_campaign=FoodsDepression-2-ALL-A-TB-ZLM
content-length
10978
x-request-id
ec7043ef15f28a90a65d5a3e63933e1d
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000128-IAD, cache-iad-kiad7000149-IAD, cache-iad-kcgs7200045-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:12:29 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=22568,owidth=2121,oheight=1414,obytes=4236036
x-timer
S1696154058.100253,VS0,VE0
etag
"ca154cd257d665388bbdbe1a04598530"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
1412762526__B45j1ZMl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5333f10a6cd01688e856436a2cec8999da9fe005a6c1ca2fabd59e0ac21e30f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1412762526__B45j1ZMl.jpg
age
226770
edge-cache-tag
481872427851178894932493478534285875483,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
481872427851178894932493478534285875483,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
679
req-referer
https://news.lankasri.com/
content-length
8608
x-request-id
adfecf9ba5811fab240882e73de93241
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200159-IAD, cache-iad-kiad7000160-IAD, cache-iad-kcgs7200076-IAD, cache-fra-eddf8230103-FRA
last-modified
Thu, 28 Sep 2023 12:32:34 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=11263,owidth=2121,oheight=1414,obytes=1655296
x-timer
S1696154058.100191,VS0,VE0
etag
"94d68983395b52153d58497c1502cd5f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame 304D 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca5cc7635adb919849a168cefccd2d840c90910988a104f8e91d33763b3b49d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131213
x-xss-protection
0
server
cafe
etag
15066676889024391977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame 1D01 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
62530
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 16:32:08 GMT
etag
2603938475786422795
expires
Sat, 14 Oct 2023 16:32:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 86DE 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
st
imprammp.taboola.com/ Frame CEEC 		422 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&cmcv=&pix=undefined&cb=1696154058140&uv=145276594&tms=1696154058140&abt=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vD!ul145276-594_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c3c1a98b-4cc2-402a-89fc-77a4bdb054f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce15bb918722954d1ad3d4cda4f31217857dd009a83455f659a322601ae76304

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 01 Oct 2023 09:54:18 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230103-FRA
x-timer
S1696154058.187091,VS0,VE10
sync
am-match.taboola.com/ Frame 3F70 		439 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
247d8aadace8960f49bb922060335d39479181bd58d5039afaa0100fd3a0bcc1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 01 Oct 2023 09:54:18 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696154058147&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1557&pt=649754130&tz=120&viewable=true&ddast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vD!ul145276-594_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b12cb7b9d35cd9b173edb4230119c2422b5747eee4171cbf34ab8f27903d5a3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1459
x-cache
MISS
x-served-by
cache-fra-eddf8230103-FRA
pragma
no-cache
server
nginx
x-timer
S1696154058.166853,VS0,VE260
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&cmcv=&pix=31589837&cb=1696154058140&uv=145276594&tms=1696154058140&abt=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vD!ul145276-594_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696154054829.9!ts:1696154058140&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-length
0
server
nginx
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-120.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:53:50 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-P2
age
5973362
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
cdg1::5jf72-1690394030373-77073517fca8
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
FVwMikOVEA9bm4JL5OjZfROPumXvIDlpRadOZpA35m8ba2VTrgR14w==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		465 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-588
cdn-cachedat
09/22/2023 04:09:06
cdn-pullzone
873945
last-modified
Wed, 02 Aug 2023 08:32:45 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ca14ad-7435c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
6b205fd74db19bfb56e823b14b707693
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
ads
securepubads.g.doubleclick.net/gampad/ Frame 37DB 		498 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3558447428317118&correlator=1457539722088127&eid=31078265%2C31077695&output=ldjh&gdfp_req=1&vrg=202309270101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696154058230&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=bn6fpt2eap6a&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1949614122.1696154058&ga_sid=1696154058&ga_hid=405697533&ga_fc=false&dlt=1696154057883&idt=331&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fab25b903a6cce20bf3be041967945c63bc3d9af152af08534728c27100ee3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
45f24457e91ebafed2a4bebb122fd0bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D1CB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://45f24457e91ebafed2a4bebb122fd0bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:18 GMT
expires
Mon, 30 Sep 2024 09:54:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame CEEC 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&cmcv=&pix=undefined&cb=1696154058140&uv=145276594&tms=1696154058140&abt=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vD!ul145276-594_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c3c1a98b-4cc2-402a-89fc-77a4bdb054f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749
pr-bh.ybp.yahoo.com/sync/taboola/ Frame CEEC 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&cmcv=&pix=undefined&cb=1696154058140&uv=145276594&tms=1696154058140&abt=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vD!ul145276-594_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c3c1a98b-4cc2-402a-89fc-77a4bdb054f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame CEEC 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&cmcv=&pix=undefined&cb=1696154058140&uv=145276594&tms=1696154058140&abt=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vD!ul145276-594_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c3c1a98b-4cc2-402a-89fc-77a4bdb054f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.97.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-97-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 3F70 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 3F70 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 3F70 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
view
securepubads.g.doubleclick.net/pcs/ Frame D75A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-nlNGk7SY-AllAccAXOs2oIm7r9T60rlflUn1tpWNgppwSq4BrhEr74MrOenwe42m2OepZnh3KP1ZoMe5rjMhe8XpUaiOFrvQ9zD84Ab47T2q6dy9BOFh8EeDtJOyEyPecYxAgcHJVoCNvhXgxtHmvJAUVoFNaLglsCbn7KR8zr67Yk9bV1EvEDTfQWqKnvNGMVpHPFKqcMAhZ4YRpU676iwhM3nwkKFk2l6r8ChlLQqMJ3lzBoZjxklLirDE9KAkiXbxeaXJYIl2kluI-FJATV3pHsvUzJ9inVT4D1EVigR740EnjBvmKE1g7N6saiN6&sai=AMfl-YTdV8kUTU8-80eArXvCRYZ47LjI8k-2zrCICuUmQS57sU1_8fjkMlWI8IIDSmtniVto6nPd2Ig6dTJpViUiLKVaEAm2pArSyJzVgHpuDAWJH3AsH4z6aIwdcIym8Cc&sig=Cg0ArKJSzP9bO4E7iADsEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:1f91:c35:2fc1:60fb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03
a.teads.tv/hb/ad/ Frame D75A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ceed09defdba709811ccf53273572667dbd45ea05d51d2744954d185e9dfd90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3614
expires
Sun, 01 Oct 2023 09:54:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D75A 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:18 GMT
container.html
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 327F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:17 GMT
expires
Mon, 30 Sep 2024 09:54:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9hby1zaS1xaWEtOTRwaW5nLXpoZS1tdS1zaHUtbnUtbmlhby1kdS1zaGUtbWEteWktamluZy1kYW8tZGktYmFvLWN1aS1sZWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWQ5ODMzZTE1LWE5NWItNDFiYy05MWZmLWU2YmE4MTNjMTBiMyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxNDAwMDAwMDAwMDAwMDAwMSwicmVzcG9uc2VUaW1lIjozNjAsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxNDAwMDAwMDAwMDAwMDAwMSwid2lubmVyQWRVbml0SWQiOiI4MGZhNjE4OTI3NTMwN2QiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiI3Mjh4OTAiLCJwcmViaWRBdWN0aW9uSWQiOiI3ZjdjNjc0My1kMDEzLTQ3MTMtOTZiYi1jMDVmYTdiNDdjZjMiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3467
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
idsync
sync.aralego.com/ Frame 86DE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LN7ABYR9-12-I51O
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN7ABYR9-12-I51O
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN7ABYR9-12-I51O
Protocol
HTTP/1.1
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN7ABYR9-12-I51O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:1f91:c35:2fc1:60fb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvYW8tc2ktcWlhLTk0cGluZy16aGUtbXUtc2h1LW51LW5pYW8tZHUtc2hlLW1hLXlpLWppbmctZGFvLWRpLWJhby1jdWktbGVpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvYW8tc2ktcWlhLTk0cGluZy16aGUtbXUtc2h1LW51LW5pYW8tZHUtc2hlLW1hLXlpLWppbmctZGFvLWRpLWJhby1jdWktbGVpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 30 Sep 2024 09:54:18 GMT
date
Sun, 01 Oct 2023 09:54:15 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
/
pro.ip-api.com/json/ 		117 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
05d08270ebc1472611db60cfea197498daa929470e078cce5c48639d3df234f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 Oct 2023 09:54:18 GMT
Content-Length
117
Content-Type
application/json; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 37DB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b5972951f1b2a2daeecd828eec88b97970825e71b314b1f2a04a73a14784d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12254
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 986D 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNXW62z244arIdoyN___dRMEjV7w4cdlNy4_9iwr2M5IWecYanmsXXil9KYc1BgwFtR7d7fHnWM7mlakkSjijovMTDI_FQ
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 327F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 327F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlJTgfTrYaaknQNE-RlCKSWcVKpQ2EHNMZgBMvFdA_dkl_cabT6geCtDvuQHUDZNNVL7ssw0Tq2MYIFT5KNsDn20HqsdUaBIxQ8jrjZ-VFrZGHTnA
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 327F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13959187319415812485&x=1&ct=77
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 327F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2928
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 09:05:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 327F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
61520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame 327F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5tjpKumepruiy8iDnGtIy1qrKRAhHsUlsYUQapoH3vkQhTq0QEdnIJRWye_8l5UQilEF0I-eiSJ7_DWDfJRkWMTFyJg
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 327F 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:18 GMT
generate_204
tpc.googlesyndication.com/ Frame 8D59 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VkH55A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
teads-format.min.js
a.teads.tv/media/format/v3/ Frame D75A 		599 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3568f85c0725b99d2496f15ecce533eee9e324acd15b7bc65a5dba221f9d6a21

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
last-modified
Wed, 27 Sep 2023 08:46:44 GMT
x-amz-request-id
MQ5XEBNSC31TYG9W
etag
"e360cdc76fca6bf903040f838e4ebd67"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
b
accept-ranges
bytes
content-length
133759
x-amz-id-2
Q318X6ubtf4v3+64NbH0drSOPRPl1YBhqr3vmxvxlBEusAC1PCiKqMaL03rDby1sB2dGM21cGAA=
expires
Sun, 01 Oct 2023 10:24:18 GMT
truncated
/ Frame D75A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dad1a8fe69fc960c968927b2a97345d3ec565cdcf110cd312a3bff5d3d9d6f5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 86DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE43QUJZUjktMTItSTUxTw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED-3NiDq4DZHACJXkH8U-tM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE43QUJZUjktMTItSTUxTw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE43QUJZUjktMTItSTUxTw==&google_push=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE43QUJZUjktMTItSTUxTw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 86DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFtsyec_AmfaghoJ_KPc7yA&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFtsyec_AmfaghoJ_KPc7yA&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFtsyec_AmfaghoJ_KPc7yA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 86DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDA1OGIyZjhmMTU5NTBkMDVmMjdhMzc3YTI2MmUwZTEzYzk5MWQ1NQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDA1OGIyZjhmMTU5NTBkMDVmMjdhMzc3YTI2MmUwZTEzYzk5MWQ1NQ
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDA1OGIyZjhmMTU5NTBkMDVmMjdhMzc3YTI2MmUwZTEzYzk5MWQ1NQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 86DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mUiNykrfuJXmuFK2wjyYNsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-erlUSK1E2oJV_xFyJf6tprK_rVL3_pcHArhbKw--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-erlUSK1E2oJV_xFyJf6tprK_rVL3_pcHArhbKw--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-erlUSK1E2oJV_xFyJf6tprK_rVL3_pcHArhbKw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 86DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN7ABYR9-12-I51O
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN7ABYR9-12-I51O
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 942710E66AE44FB1B7FCE232CC1D0F14 Ref B: ZRHEDGE0919 Ref C: 2023-10-01T09:54:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGpKQoG/28pbGbKyp2Pw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN7ABYR9-12-I51O
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 86DE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jT_SVuZTR_2jlOVZIJY0Ug&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jT_SVuZTR_2jlOVZIJY0Ug
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jT_SVuZTR_2jlOVZIJY0Ug
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCSHJYNPAV0XDPTGTP6X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jT_SVuZTR_2jlOVZIJY0Ug
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 86DE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7WrC0FpnRZun11hUcMEsWg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7WrC0FpnRZun11hUcMEsWg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7WrC0FpnRZun11hUcMEsWg
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4W4EHJMCXEF3AHRBX1SA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7WrC0FpnRZun11hUcMEsWg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 86DE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 86DE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACLek7KMoQAABkYTfiLDg&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACLek7KMoQAABkYTfiLDg&expires=30
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACLek7KMoQAABkYTfiLDg&expires=30
Date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame 86DE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LN7ABYR9-12-I51O
43 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LN7ABYR9-12-I51O
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
an-x-request-uuid
6f041359-8ab9-44a1-bfdc-deda33c07183
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LN7ABYR9-12-I51O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
liveCS.php
live.primis.tech/live/ Frame 86DE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN7ABYR9-12-I51O
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN7ABYR9-12-I51O
Protocol
H2
Server
2600:9000:2437:5200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
via
1.1 4c91cb6d4a85f3aca5c056a81231821a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MAN51-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
bFZB_JX6W7Wsv-khnRid4m_Q8wXtb2jb1WaGuGGoYQx_Suh067Af_Q==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN7ABYR9-12-I51O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 86DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LN7ABYR9-12-I51O
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN7ABYR9-12-I51O
95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN7ABYR9-12-I51O
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LN7ABYR9-12-I51O
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 986D 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNXW62z244arIdoyN___dRMEjV7w4cdlNy4_9iwr2M5IWecYanmsXXil9KYc1BgwFtR7d7fHnWM7mlakkSjijovMTDI_FQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 986D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNXW62z244arIdoyN___dRMEjV7w4cdlNy4_9iwr2M5IWecYanmsXXil9KYc1BgwFtR7d7fHnWM7mlakkSjijovMTDI_FQ
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEXoB4PnlC5sqLAcvQ3%2B4CsrehmEvzt04CXOryexAMs%2FnNQSCccKH%2FT%2BFIMRAHFe1ZOgj5yprBUOtrslp%2Ff1vqSzlnqe3m6%2FAS6FjpE%2BeGRv%2BoC%2Fsy9WTMpifZ2jnj%2BcwQdeqSB9nJlQpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2d2591524c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 986D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRlBytX2FjzeDy.4kC0mEAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1&google_hm=2
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNXW62z244arIdoyN___dRMEjV7w4cdlNy4_9iwr2M5IWecYanmsXXil9KYc1BgwFtR7d7fHnWM7mlakkSjijovMTDI_FQ
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghUthe0Ep5h92gOUSiLVnLHu7xjiePhZoUnoL0QfK9l5XhwG8TPnHexmGDF%2FwZWyMJr5HtpKyijJoHfRhzlFvQ2xvcM1e%2FmIBTokVzl2jO90atGTZUyP5vYDWyYTowIUa9txwhynFx6WiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2d3eb4b3c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDIkKbImhPoIJP_IqGfbenY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
160576511e49307920938f54a86f8591
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
/
pro.ip-api.com/json/ 		117 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
05d08270ebc1472611db60cfea197498daa929470e078cce5c48639d3df234f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 Oct 2023 09:54:18 GMT
Content-Length
117
Content-Type
application/json; charset=utf-8
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 14:29:50
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
83435e51c8f4bf33fc219199eed8e181
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-165
cdn-cachedat
09/22/2023 13:07:19
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
0fbfdc90aa7b803030c25287c48be5dc
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-662
cdn-cachedat
09/28/2023 12:52:20
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
2762297616e9f1c78bc614d842a80403
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-680
cdn-cachedat
09/28/2023 12:54:34
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
f6930ff79072d65d3db7b8aabb194009
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125651
x-xss-protection
0
expires
Sun, 01 Oct 2023 09:54:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 37DB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309270101/pubads_impl.js?cb=31078265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 Oct 2023 09:54:18 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/145276_594/infra/ 		881 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/145276_594/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
12f671dc70e03fd34ff707eee40017714886632aeae47cd8e581517e79caaf9b

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696153783
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0PV23ZNARN6YBFSE
age
144
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696153784
x-amz-meta-mode
33188
content-length
147012
x-amz-id-2
IPIWIS+qw30F6dYHPjkdMxaZzBGSyYumdgCiJBuVKb0u5Y10NTFLK4NCsP/Rp6Zv51rmNMYVqOY=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Sun, 01 Oct 2023 09:49:45 GMT
server
AmazonS3-br
x-timer
S1696154058.477769,VS0,VE0
etag
"76607e75a1d8a4ef30e4276227b9084c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
23
cmOsUnit.css
vidstat.taboola.com/vpaid/units/145276_594/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/145276_594/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1696153802
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
XNWJJBYW9WN6XSQH
age
146
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1696153803
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
AY4gavEdjKrgTx1Ud3/ryjuWa/mBIgxAWlantvOnkT9I4a1k7btJ5XIo4EhOfdOK/UzV9Nrnvac=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sun, 01 Oct 2023 09:50:04 GMT
server
AmazonS3-br
x-timer
S1696154058.484796,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
33
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&pfid=42&env=js-web&ut=1&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&sid=192517&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=sLumn9M0j8-ZBZYB6bbC5NdU&cost_curr=USD&analyticsOnly=false&brid=7119&mrs=prg-710&ad_source_id=119&dsp_campaign_id=3104180&dsp_creative_id=67069920&fms=9&p=vo7eI8emJps9Uyt_Y9gZ2J-waICd_gUYpFNMV36_4_Ft9w&cts=1696154057594&cs=-535199257889951243905&1696154057594&slot=native&hb_w=728&hb_h=90&fv=1262&ts=1696154058509&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
iframe
sync.teads.tv/ Frame EA4A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
b6935fd190a45ea93455396cdf39b4de524d53085fce0d1d12d71b28a015b80e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
741
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:18 GMT
expires
Sun, 01 Oct 2023 09:54:18 GMT
pragma
no-cache
server
akka-http/10.2.10
vary
Accept-Encoding
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&pageId=154680&pid=169092&hb_provider=prebid&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&slot=native&pfid=42&fv=1262&ts=1696154058513&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
truncated
/ Frame 689A 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
teads-vpaid-display.js
a.teads.tv/media/vpaid-display/ Frame 74E4 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/vpaid-display/teads-vpaid-display.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9f9872c92f4d1288d8f13c559b33b97257040baa8e87f030c03753442bb7f423

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
last-modified
Wed, 27 Sep 2023 08:47:05 GMT
x-amz-request-id
3M883WCNRVQ6B2TY
etag
"0a36794b53118888f0da6906306c2869"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
b
accept-ranges
bytes
content-length
26215
x-amz-id-2
zFL5DW5yc9kG6cP4zeBtsfQzAaraTqO1s6zVeY0RaQ6Gyd4QKVcqdnRPsRsrgXu0Y9H+Zv0AVBY=
expires
Sun, 01 Oct 2023 10:24:18 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 304D 		210 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20639d64ec168737e7f300a86c4eb7cde60c427523804b4aa3211a8b69b1fbf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E97D 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3276ff37f3543bd6d4c95c7156273fa1bded3f279f8c311ff53ce605c54e0c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12562
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 327F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5126231580410&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 327F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5126231580410&version=m202309120101&ct=77&x=1&cor=13959187319415812000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 327F 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cnzmb3SgYeVorVhwpyOppbJHzIIeYDBbHJy4svN9lqqnZhykP7Y5B_wXnY-oFOnySMDMyDhLu95hKStPctYP5UeM6r9acFeKjyHPCJ2XSqqyo5oU4_sAmaXu44BBLiwrcf2eKfc0YJwdU88do2zTh7sXd5zerUpoDYrIlSKJsgDBlLARc&cry=1&dbm_d=AKAmf-C1xfzjUIHEAshRSUXTrwtf_CCsvGD4hVFO-GJ4i021dNZQYD870w1UuJC66FmLaBU4Wj04gBLnLL_56fKcYTg97ieChipSu7u8KF9Vc1It7Ufglrrr5uxZOQxg96vUAVamrVTHy2tqLH0NHM40Oaj2wIB_AkK_5eWIwFnhRl3136kcMZg5duNm6Xec6_uRDZKaeLyiBONp0N1rOFpE2UW3UhaZ8PTxzRrn2x3AEj3xh-F9tRr6btPNjDDTiHfQwAEDGbd186gIsdgxOyeF7xEKH_aA_PsVmwCu3sckpg1lVAuhIoNNZMrP2WVqAXyMa2sO4P_U6E3Zjif-L3P8oV4Q2KTRl1QbPrTAhOBeEfMj42H_aAVhy5u5C0bfx8CFZAr_tPwfYfreen007y1v8nyK9LiwnN-zgKwJUzKbXsPi4KnGZY2wSrepLaUYx1HPoQf01JagrlPKS2LESHX9eyOnZk_Fh044WuZO1IBZwk6uk5c9wac346k5O6jGEx3Qx9GvOzyIQyrIXo_dXjEut_gmMjhlgIXMWi29-rqnFnBmzKQlwXL3fokL71poCcFvoj-Ffs2mswtd-tOFjHZUO_p1AzdSSlMSs7PJIJLsdILf0755TPBNYpaIKnkTljh88MMFFaA-E8t0iuLylSaPMNk8TLPO8qCkl1weDSphYIuDJi87NEkxhPHcOqjYrNBXgZOL42bsBoPw3oqk8kMne_MzJ1qxhCDu3Liq9JlH-HeRfv4evGqc2X_lMLG7YxRF3R7l5CAzkyWtR5zEH-PvnASSt6k5c6Sx8bACKqHdlAb-8yKA5A178f8ZLfGSoKp3K2dV871t9dqEhFxPnS9Rr8qWzlx8tCm5ColUH_ArHV0YkcfQ5X-e_Up1MzUyytxGtoCdJzdVYIk7KwvR4vLN5U2edu3_yHNqVGUQ23l-9QnGgbekb3Lafr0Zapyt7kIUxmiL86WSCt9q4yfVzJx_sGs6X5BfaR1x3XPo1K_9mJnK18DtcVgErBh9LUPzuIoo44iof-hNRV4l97W80pvqtFkCiVsA7h6O5rbpchOaCyBo12y_upJJhMOXrNhc9Y4mkBN7NhCSfKyF6BRbRq5HS8elL78eb4f-yCp3DKT_u879bbHri-InqGDsWz8rIR8dHSE0Ei__apPEwZNMtpGMtYjGexc-8NXo5cFIHCzJQ0SgZuodkmaC4FlgvAdF9CqAbueKwlXbClAnDD_Dl4lbUIytYO708l_0w_FN_qYQWbC7rzUOVmx0Yxbg1czqMfwbTM3n7xqS2A1G-6ZMSP-KzpV5xktQ2m3aiNFEmKW3FVa5jW6b9cDDBH4t04pGmEEKrzLC--KuSu7lfOpN21HnkSp_l1I-lU582m45o_RQWk_oNjfaATeYTuEMosOeoVKMQT-ajj5q6B9PJKLJNK7pjG5dCKbcz34rHFOts1ncdiTdmnNXluzEsZPEwmNRabzyjIag4t144c-vZN2HMKfLiH3s5wURQLDvcQFk3Em3z-vz0ONVevEAe3JrGtMLSLCNZEq0bBYik427y-BlISL5y1IdV9alVmKhVAUqLG04r-EGFrPWDKNjGZVL5a6Z5gRzD1GTKM7J3Ms_T0TxS2uSBjLv4iL5JQty8WSO42B4oS_xaxJdJjaV3cOCf_vAkNZP-Z_sMHjg722s_5C8iMlcNdBaWOgSpu5T9WkPm4hmr618HsdvJ1NAD0j2rIcgA5uCpC9hzINRyjd4ujW4LpZGZwskZJ9cuijacMD0Cai6LQpXAEKQhuM3m1tKNWfxUI3lPXsNMNy7EDq-eFTCPtTZ2dnbsYgqh_vc5lVcvWQemFcCCW4Fh9mSaPN6ABfZXE-wY8_n3MUcmNLF7E--OSzozsltJyzTJuq5eVYzALnC4WIFcTIMvMvBU_4VubAfl2NnzgSNCDc7tTNTWVaAhHXjTXBsa1sNVru6D-QgNvsVTNEKnWURji5zvNsxD9KovyVO2XOx6W1r97sY-RaVHzvmMAwdkkxViKTitr_XFvrapos5F98e6bQdkpyTBJkLBdYuY7tyGOhruBZzGtko1uqW4HZF0DLRoXTMUHptMLENwrYbA3TtlUCn0IK9skwF9zFicYiSpowh3NRm8Xg4TRgQ-ayK3UCy9hqOeVV07-lc2FK9hIABdnUZkdLz1p--4X3O8P1fjsCrvqYkhO7SVB-z3icN4lDkRcLl2gka0e5q2I9XsIE61ouAWzmBx9Ju05xlTCYdcP-WcfwWiCsDIVHyJLwEOXEEpLBjAnPl7D5T8sy_B7JpocNkxKB6qtzgE8xDY2e0Tq3m8Cog4mqPDggzUDCmw9GSBFmhPQvYk9ZPnTyjPKI_d9ms30azgvkdX9cjFfDMggVw5SvVGz4WlX2-c8jGnkZt4fRiXI7xOywFq247PRWKX4olFt2vtbgEas_jQeC-G8qCTA8Ji0D8WzjQXApuwYMvejPQcZPtKzK_G97wDU3ThIGYD5dfVH-UBMkEg1c3u9GtOskPbQ9oMDK9CoftSuiag8yFDli3zIlSUTAD3auAnPS2vp_dekk_KxmxS6yOJu3RSjizG96TS72qnygl3OsX_3xv6biRckbaSJD8DGPD8cwqI4tOQUIO9U-Eg3Nmxhq6m4fIWia51qRwWUctJOCvknNszIoF_vkjbh11w1gTeFu_c8oraft59wX6x19STZ3uqwA1ZswW7WqawhVfaLtQ9eongc_WpgPtW5SO-9QCUjXPAaAiGIyyVHiKmqWJBuJZD2GV2HOmEK2Y07VZw2E_FMe5p61aneu-No_dMwFplqVHYwuZr28bWVJHGJ50o6ZB_PMyoYcVfkfAR2b_WP5y98-2bi3wWkNEJWY9wUG1GN3fmqAPFYk4L_cMgjJfEqSbFfXK910CNOyvGYLxxwzFE89Io66DRV2vNB2ccWmjlo1S7WThPezKd3BJqGevut6eziHWajD8QbwGcKEb0-eGaCSxozH0khO8bd3oZlhuRdsy2sinPiDP0H8dvWXJSBATlSOBO1JIy3eGnXylPPcyknhiX1d67s7HII9cJy1eMCetTNFjq3aNJ6IniXynRJ6QBpNvPrlrqGFG7Vwo8-yHeJNK1HrBFbpvTNDOj4_13DyPQPa0V2F3VcNcRpHfoWGf1Bbxn--0cq6qPprQcjIu5qj99L-_PwkTZgpVejkqwZSjBbKIkqbJqUgb5foGa7xWpXPaBAPzLPKyZOafAhmu3JaxujGS2tTMLBrwJuUdCILod46HvWHqYSdJCtKwC9veu0yglFty08n5-EOjffZPOwQSG62AXVc2JKUoOAKzXK7cA1CXCfaVQRtljuZRNaBF_I3TxTkNDQF1u66nCEhngNM0qIb-gvAb5n7-jv-gSducSvGDtLMiiPvkfKk9zAErl0Tqw1C4vOQtMXlPALczfGp0Y-JgQwR6eSy9UNB1NEkZnnFU0mPBwAmYOGKIbLQu627uyeZVoIhFYxNU7bSMdGhaH7CiRhbcPX7ot0gauMaYQ2bbrLfD0MoGzab6OXPP6XSJS9Q4t1FiLzqI4OBANYjvjEdH_oLYlbXVkAWgBii1cSrdsXUtLaWU46X3fUPzKb0Sr6w1gYJEdgRTBC7PddLKCtJoyE8rGaXup2fU6Up0rj0On-ckZZxIKjO7D17kYFJW-pU4H5bD2Zv3qYMONHOFIgHO-NT5pqA4ZmOKpMF9cmrZqi7HR1OxWi7AwmzTvFAaHvbMG2-6_VVFRR_bjhs8nlt6tcrmtd0NbJWylybu-Arh_kqkPtyE_iomM5eQHhUNKunv0pLmhfD4i6ilQFUVEhLfK57BxJrIZcByN1L8vhugs1ngY579by7-koti1f6OaDyGkZ8rOlbkd8vkf9n7wJ2i2Hh3NEHt5V6a_rc1VYDrKNcYd-3Rxc3d2TSxCf1Xmf7PCNo4yBQvml5PpBid-6d3nb9lFboUuIYq98w3QV8w9o8xpk8Evo6Fp3NiKef3so91Hzi_r15BX7zGaPefDVgoLp45Z1lzWwbkFpbOhowrbExhrAxr9xaXVfyAgHdBDyPFm1cxiRz9Y5i4Lk9ePY-p_sby-BEmmiY2w6zHUG3P_xm_6TDksgoPTDQrxjR0mKjtUewvjmrh8OQu90bGTAzmIefM-cNSaO_3OLCJJ7GkNXHCg7u-8cnKEbUPq-9ktQT0AuAQeOTi1XOkG9k3VM_nGm9YziJteQUyrvk&cid=CAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13959187319415812000&adk=943508955&idt=116&cac=0&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f8adae2bed7f184712dc52d0479c5519550ecb71fbec57cf4d780e1daca3fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12221
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3703 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
52036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 19:27:02 GMT
expires
Sun, 29 Sep 2024 19:27:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AA15 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a782e94758a1b2ef3290035f32ef4415e53284d7f7c6bdc540f66fcf67377925
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n14Ky6ftpIVAXjrxiHb_OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-n14Ky6ftpIVAXjrxiHb_OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:18 GMT
expires
Sun, 01 Oct 2023 09:54:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/145276_594/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1308664
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1696154059.716843,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
184651
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.7/ 		464 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/145276_594/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
125abd02e7e26bfbbb3638931f04b0afcd1d70a18dcc12bd10f7e8491258c90c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695800289
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
KW7GASEJWWM1MKMK
age
353725
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695800301
x-amz-meta-mode
33188
content-length
88887
x-amz-id-2
+0xADCStmhMjj2ljw3e9j/P9WdjiYANijWYOi0AqwfOxPLCjBtJZEcae/RqCldwkwoT60zxakzc=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Wed, 27 Sep 2023 07:38:22 GMT
server
AmazonS3-br
x-timer
S1696154059.740336,VS0,VE0
etag
"69d325441f7bb5002e3ec402bb46366b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
478400
sync
am-match.taboola.com/ Frame 1616 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/145276_594/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
405aa03cc97dbedfcc463d41e88b556d4f59ff6fae6b2422026e45fc802c2db8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 01 Oct 2023 09:54:18 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&cmcv=&pix=31579697&cb=1696154058728&uv=145276594&tms=1696154058728&su=3&abt=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vG!ul145276-594_vA&ft=0&unm=FEED_MANAGER&su=3&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-length
0
server
nginx
iframe.html
a.teads.tv/media/vpaid-display/ Frame B95E 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/vpaid-display/iframe.html
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/vpaid-display/teads-vpaid-display.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
daeaceae7fd7857280ab71af9b6926d9a2d24d0b6b78ef5d713749e741a99224

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, must-revalidate, max-age=1800, no-transform
content-encoding
gzip
content-length
529
content-type
text/html
date
Sun, 01 Oct 2023 09:54:18 GMT
etag
"64d4092e60a5fd0516a2673503a37dbf"
expires
Sun, 01 Oct 2023 10:24:18 GMT
last-modified
Wed, 16 Aug 2023 12:11:23 GMT
vary
Accept-Encoding
x-amz-id-2
aGQHOipV13401/26fY4Ay86P0r14l/SYNd6+FmxIbqlD2456xBHfW9X+NzRQbwJusz/6CkaAHWw=
x-amz-request-id
ZBRA5QSPVQRAZF56
x-amz-server-side-encryption
AES256
x-bucket
b
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&env=js-web&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&pageId=154680&pid=169092&hb_provider=prebid&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&slot=native&pfid=42&sid=192517&fv=1262&ts=1696154058752&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=impression&pid=169092&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&pfid=42&mediaFileType=js&env=js-web&ut=1&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&sid=192517&scid=7024&ad_source_id=119&dsp_campaign_id=3104180&dsp_creative_id=67069920&pscid=20204&psid=415253&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&revenue=7Y3xvF7f4asPvJvV7ltq_srT&revenue_curr=USD&analyticsOnly=false&fms=9&p=MkS9ksGPaOrAbhDSGAu3yXTHP-9vd3NAplzQpQ6BJM07FEAMEjEYVI7oT2MLi2_d8PUiBWM51H_BAUTF9wqPWYKc&cts=1696154057594&cs=142715827296432562005&1696154057594&slot=native&fv=1262&plft=apa,apnf&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&env=js-web&pageId=154680&pid=169092&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&slot=native&pfid=42&gdpr_api_version=&gdpr_cmp_id=&gdpr_consent=&gdpr_status=24&gdpr_reason=240&rpm_reason=19&hb_provider=prebid&fv=1262&ts=1696154058776&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame EA4A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 01 Oct 2023 09:54:18 GMT
generic
match.adsrvr.org/track/cmf/ Frame EA4A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1696154058658
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame EA4A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1696154058658
  • https://sync.teads.tv/um?fp=1&eid=80&uid=90113fd7-70ee-4296-b7f1-83ab611747c1&gdpr=0&gdpr_consent=
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=90113fd7-70ee-4296-b7f1-83ab611747c1&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 09:54:19 GMT
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=90113fd7-70ee-4296-b7f1-83ab611747c1&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
962787
content-length
0
expires
Sun, 01 Oct 2023 00:00:00 GMT
um
sync.teads.tv/ Frame EA4A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/0b6457e5-3d55-41a3-8fa6-4bac9c59608d?gdpr=0&gdpr_consent=&_t=1696154058658
  • https://sync.teads.tv/um?eid=132&uid=y-6_NorPlE2oSsqe_IhtUeBHyYKYEmeDvpRrI-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-6_NorPlE2oSsqe_IhtUeBHyYKYEmeDvpRrI-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 09:54:18 GMT
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-6_NorPlE2oSsqe_IhtUeBHyYKYEmeDvpRrI-~A
content-length
0
/
loadm.exelator.com/load/ Frame EA4A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d_eu_ch&gdpr_consent=&_t=1696154058658
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame EA4A 		62 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=0b6457e5-3d55-41a3-8fa6-4bac9c59608d_eu_ch&limit=1&gdpr_consent=&_t=1696154058658
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 01 Oct 2023 09:54:19 GMT
content-length
62
content-type
image/gif
474599.gif
idsync.rlcdn.com/ Frame EA4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/474599.gif?partner_uid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d_ch&cv=&_t=1696154058658
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g.pixel
aa.agkn.com/adscores/ Frame EA4A 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d_ch&_tid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&gdpr_consent=&_t=1696154058658
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.110.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-110-236.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame EA4A 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d_ch&gdpr_consent=&_t=1696154058658
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.100.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-100-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Sun, 01 Oct 2023 09:54:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1696154058
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame EA4A
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Server
34.253.57.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-57-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 01 Oct 2023 09:54:19 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Sun, 01 Oct 2023 09:54:18 GMT
report
sync.teads.tv/um/ Frame EA4A
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&1696154058511
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 09:54:19 GMT
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
971992
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1696154059.816612,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
453738
js
www.googletagmanager.com/gtag/ 		268 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d125e5fb23f88aa16c0df9b801c7a0820135c7fbc7628bd57e7bcf4989d8b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91496
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 01 Oct 2023 09:54:18 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1616 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 1616
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qd1ABeZE2oS0AY0lgKfqRiUwimgl8A81aGUh.g--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qd1ABeZE2oS0AY0lgKfqRiUwimgl8A81aGUh.g--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31159

Redirect headers

date
Sun, 01 Oct 2023 09:54:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-qd1ABeZE2oS0AY0lgKfqRiUwimgl8A81aGUh.g--~A
content-length
0
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=11657&tvi50=9563&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230926-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
82
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64051
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230103-FRA
pragma
no-cache
server
nginx
x-timer
S1696154059.868846,VS0,VE82
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230048-FRA
date
Sun, 01 Oct 2023 09:54:18 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
2
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 327F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cnzmb3SgYeVorVhwpyOppbJHzIIeYDBbHJy4svN9lqqnZhykP7Y5B_wXnY-oFOnySMDMyDhLu95hKStPctYP5UeM6r9acFeKjyHPCJ2XSqqyo5oU4_sAmaXu44BBLiwrcf2eKfc0YJwdU88do2zTh7sXd5zerUpoDYrIlSKJsgDBlLARc&cry=1&dbm_d=AKAmf-C1xfzjUIHEAshRSUXTrwtf_CCsvGD4hVFO-GJ4i021dNZQYD870w1UuJC66FmLaBU4Wj04gBLnLL_56fKcYTg97ieChipSu7u8KF9Vc1It7Ufglrrr5uxZOQxg96vUAVamrVTHy2tqLH0NHM40Oaj2wIB_AkK_5eWIwFnhRl3136kcMZg5duNm6Xec6_uRDZKaeLyiBONp0N1rOFpE2UW3UhaZ8PTxzRrn2x3AEj3xh-F9tRr6btPNjDDTiHfQwAEDGbd186gIsdgxOyeF7xEKH_aA_PsVmwCu3sckpg1lVAuhIoNNZMrP2WVqAXyMa2sO4P_U6E3Zjif-L3P8oV4Q2KTRl1QbPrTAhOBeEfMj42H_aAVhy5u5C0bfx8CFZAr_tPwfYfreen007y1v8nyK9LiwnN-zgKwJUzKbXsPi4KnGZY2wSrepLaUYx1HPoQf01JagrlPKS2LESHX9eyOnZk_Fh044WuZO1IBZwk6uk5c9wac346k5O6jGEx3Qx9GvOzyIQyrIXo_dXjEut_gmMjhlgIXMWi29-rqnFnBmzKQlwXL3fokL71poCcFvoj-Ffs2mswtd-tOFjHZUO_p1AzdSSlMSs7PJIJLsdILf0755TPBNYpaIKnkTljh88MMFFaA-E8t0iuLylSaPMNk8TLPO8qCkl1weDSphYIuDJi87NEkxhPHcOqjYrNBXgZOL42bsBoPw3oqk8kMne_MzJ1qxhCDu3Liq9JlH-HeRfv4evGqc2X_lMLG7YxRF3R7l5CAzkyWtR5zEH-PvnASSt6k5c6Sx8bACKqHdlAb-8yKA5A178f8ZLfGSoKp3K2dV871t9dqEhFxPnS9Rr8qWzlx8tCm5ColUH_ArHV0YkcfQ5X-e_Up1MzUyytxGtoCdJzdVYIk7KwvR4vLN5U2edu3_yHNqVGUQ23l-9QnGgbekb3Lafr0Zapyt7kIUxmiL86WSCt9q4yfVzJx_sGs6X5BfaR1x3XPo1K_9mJnK18DtcVgErBh9LUPzuIoo44iof-hNRV4l97W80pvqtFkCiVsA7h6O5rbpchOaCyBo12y_upJJhMOXrNhc9Y4mkBN7NhCSfKyF6BRbRq5HS8elL78eb4f-yCp3DKT_u879bbHri-InqGDsWz8rIR8dHSE0Ei__apPEwZNMtpGMtYjGexc-8NXo5cFIHCzJQ0SgZuodkmaC4FlgvAdF9CqAbueKwlXbClAnDD_Dl4lbUIytYO708l_0w_FN_qYQWbC7rzUOVmx0Yxbg1czqMfwbTM3n7xqS2A1G-6ZMSP-KzpV5xktQ2m3aiNFEmKW3FVa5jW6b9cDDBH4t04pGmEEKrzLC--KuSu7lfOpN21HnkSp_l1I-lU582m45o_RQWk_oNjfaATeYTuEMosOeoVKMQT-ajj5q6B9PJKLJNK7pjG5dCKbcz34rHFOts1ncdiTdmnNXluzEsZPEwmNRabzyjIag4t144c-vZN2HMKfLiH3s5wURQLDvcQFk3Em3z-vz0ONVevEAe3JrGtMLSLCNZEq0bBYik427y-BlISL5y1IdV9alVmKhVAUqLG04r-EGFrPWDKNjGZVL5a6Z5gRzD1GTKM7J3Ms_T0TxS2uSBjLv4iL5JQty8WSO42B4oS_xaxJdJjaV3cOCf_vAkNZP-Z_sMHjg722s_5C8iMlcNdBaWOgSpu5T9WkPm4hmr618HsdvJ1NAD0j2rIcgA5uCpC9hzINRyjd4ujW4LpZGZwskZJ9cuijacMD0Cai6LQpXAEKQhuM3m1tKNWfxUI3lPXsNMNy7EDq-eFTCPtTZ2dnbsYgqh_vc5lVcvWQemFcCCW4Fh9mSaPN6ABfZXE-wY8_n3MUcmNLF7E--OSzozsltJyzTJuq5eVYzALnC4WIFcTIMvMvBU_4VubAfl2NnzgSNCDc7tTNTWVaAhHXjTXBsa1sNVru6D-QgNvsVTNEKnWURji5zvNsxD9KovyVO2XOx6W1r97sY-RaVHzvmMAwdkkxViKTitr_XFvrapos5F98e6bQdkpyTBJkLBdYuY7tyGOhruBZzGtko1uqW4HZF0DLRoXTMUHptMLENwrYbA3TtlUCn0IK9skwF9zFicYiSpowh3NRm8Xg4TRgQ-ayK3UCy9hqOeVV07-lc2FK9hIABdnUZkdLz1p--4X3O8P1fjsCrvqYkhO7SVB-z3icN4lDkRcLl2gka0e5q2I9XsIE61ouAWzmBx9Ju05xlTCYdcP-WcfwWiCsDIVHyJLwEOXEEpLBjAnPl7D5T8sy_B7JpocNkxKB6qtzgE8xDY2e0Tq3m8Cog4mqPDggzUDCmw9GSBFmhPQvYk9ZPnTyjPKI_d9ms30azgvkdX9cjFfDMggVw5SvVGz4WlX2-c8jGnkZt4fRiXI7xOywFq247PRWKX4olFt2vtbgEas_jQeC-G8qCTA8Ji0D8WzjQXApuwYMvejPQcZPtKzK_G97wDU3ThIGYD5dfVH-UBMkEg1c3u9GtOskPbQ9oMDK9CoftSuiag8yFDli3zIlSUTAD3auAnPS2vp_dekk_KxmxS6yOJu3RSjizG96TS72qnygl3OsX_3xv6biRckbaSJD8DGPD8cwqI4tOQUIO9U-Eg3Nmxhq6m4fIWia51qRwWUctJOCvknNszIoF_vkjbh11w1gTeFu_c8oraft59wX6x19STZ3uqwA1ZswW7WqawhVfaLtQ9eongc_WpgPtW5SO-9QCUjXPAaAiGIyyVHiKmqWJBuJZD2GV2HOmEK2Y07VZw2E_FMe5p61aneu-No_dMwFplqVHYwuZr28bWVJHGJ50o6ZB_PMyoYcVfkfAR2b_WP5y98-2bi3wWkNEJWY9wUG1GN3fmqAPFYk4L_cMgjJfEqSbFfXK910CNOyvGYLxxwzFE89Io66DRV2vNB2ccWmjlo1S7WThPezKd3BJqGevut6eziHWajD8QbwGcKEb0-eGaCSxozH0khO8bd3oZlhuRdsy2sinPiDP0H8dvWXJSBATlSOBO1JIy3eGnXylPPcyknhiX1d67s7HII9cJy1eMCetTNFjq3aNJ6IniXynRJ6QBpNvPrlrqGFG7Vwo8-yHeJNK1HrBFbpvTNDOj4_13DyPQPa0V2F3VcNcRpHfoWGf1Bbxn--0cq6qPprQcjIu5qj99L-_PwkTZgpVejkqwZSjBbKIkqbJqUgb5foGa7xWpXPaBAPzLPKyZOafAhmu3JaxujGS2tTMLBrwJuUdCILod46HvWHqYSdJCtKwC9veu0yglFty08n5-EOjffZPOwQSG62AXVc2JKUoOAKzXK7cA1CXCfaVQRtljuZRNaBF_I3TxTkNDQF1u66nCEhngNM0qIb-gvAb5n7-jv-gSducSvGDtLMiiPvkfKk9zAErl0Tqw1C4vOQtMXlPALczfGp0Y-JgQwR6eSy9UNB1NEkZnnFU0mPBwAmYOGKIbLQu627uyeZVoIhFYxNU7bSMdGhaH7CiRhbcPX7ot0gauMaYQ2bbrLfD0MoGzab6OXPP6XSJS9Q4t1FiLzqI4OBANYjvjEdH_oLYlbXVkAWgBii1cSrdsXUtLaWU46X3fUPzKb0Sr6w1gYJEdgRTBC7PddLKCtJoyE8rGaXup2fU6Up0rj0On-ckZZxIKjO7D17kYFJW-pU4H5bD2Zv3qYMONHOFIgHO-NT5pqA4ZmOKpMF9cmrZqi7HR1OxWi7AwmzTvFAaHvbMG2-6_VVFRR_bjhs8nlt6tcrmtd0NbJWylybu-Arh_kqkPtyE_iomM5eQHhUNKunv0pLmhfD4i6ilQFUVEhLfK57BxJrIZcByN1L8vhugs1ngY579by7-koti1f6OaDyGkZ8rOlbkd8vkf9n7wJ2i2Hh3NEHt5V6a_rc1VYDrKNcYd-3Rxc3d2TSxCf1Xmf7PCNo4yBQvml5PpBid-6d3nb9lFboUuIYq98w3QV8w9o8xpk8Evo6Fp3NiKef3so91Hzi_r15BX7zGaPefDVgoLp45Z1lzWwbkFpbOhowrbExhrAxr9xaXVfyAgHdBDyPFm1cxiRz9Y5i4Lk9ePY-p_sby-BEmmiY2w6zHUG3P_xm_6TDksgoPTDQrxjR0mKjtUewvjmrh8OQu90bGTAzmIefM-cNSaO_3OLCJJ7GkNXHCg7u-8cnKEbUPq-9ktQT0AuAQeOTi1XOkG9k3VM_nGm9YziJteQUyrvk&cid=CAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13959187319415812000&adk=943508955&idt=116&cac=0&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
296561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 23:31:37 GMT
usync.html
eus.rubiconproject.com/ Frame 5942 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 Oct 2023 09:54:18 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
so0m3m0ljrhx
hal9000.redintelligence.net/zone/ Frame 327F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/so0m3m0ljrhx?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnnUByUEZZYj_O-zb7_UP6diD8ASRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEnwJP0Ge_W0lF2_sTO62Y--0NNeTCxyS8qRNALj7eSmJ3SHh4wenIR8XsRAU2SgN3RtLNJ413SDXFF3bvKEWUWURJH1ip-d3v4FmE2DT9Kj8GgrD8kAAuUIuEYDAxUOFoTkQEnFZkO8tuPEpCfVwtW5DWGS4ayFQyzWRFFIRb1FnkvRqN_DNf9h4yRZsyavDKqDnYpO4sBQcBexdn-Gw_gsmLjroH0IlIvfxnPzEfDbtiU61NHozsNe8b7HPX7VZjrhy9-Cx0Q7F7zEdiRu_sWCBxQ1KTR6cno37H4v1k39bf0BGYpggEQsNKyHo-qJmmk9nsZNJ8yfDPTER2uSD6g_2HI1xub3Ib4RpcXXin-tfeXfYfRbUdOBBt0kVXYxjnlcAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj-n--gytSBAxXs7bsIHWnsAE6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIyIfxoMrUgQMV7O27CB1p7ABOEAEYASAAEgJsAPD_BwE%26num%3D1%26cid%3DCAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB%26sig%3DAOD64_3E7qr-3Xe8Se9i14RBn-SVfuLIBg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BALJ2tpf7rkKejoF1jBjSA03kjOfWTXcQsozw86RE3bJw1PJmkHnelONuPI41TwuhqaaHL7mzca7skmjQb9PZakQh2KBSiO5H2ujIlPzqyqNe7XpYBRwYXvdIJsLfNVFiBE1IACPGQhfCeCvcr88rvkejFe6_dSAFM2PLyJ34klt_s7ME%26cry%3D1%26dbm_d%3DAKAmf-BJsMaREm3_xewQf957yLdEsbD93MUB3R3oMHUVIUqBsBxfe8Y6ZT0fXrT6Pe6sSaqOB_t3Sro7nBFL4it40GXrEVvmWRCtzspU2f78r8VUg7Ay-Wbcdgv9joHCdb-RBgm2EdOZsiIvoitWAEPiAV6HDxsiwidGPcn1kvRQ1ryhoNaI2QHbD5DgwIyfho8p-VHG45X1noKkTGQeq8RNqbPPTxHjBruxXyaheoYs7V4khWdBJh7MIdsVEqw4hYVZE9Cnnbedjf5rniPrZ1KRY09zxmLwHY03Mqc2YDO9Sh52yOmWDRO8YiEKgLY52c5Twq7-Jz7lKcX_-kwYCU3td9WmR7RVkO6snkCzf0tqVXe5ZKrGp9zUj5De-hq25exVx97QFpmiUCxc3qJnZ5_aXERUTFcKNF1cnur4EYiWqm4eJKbu8LWD6ADVbp4voN2nUjkOLczUv3-G7s-c4Z8c3vAQ65oQMu9ROGzGPDOjydbUl78lNt10va-Rj6L0Fd4mmYQA4zs2FTjFM63Q4L8P2X6fetwgJCUEX4BMf_Iw8og_42cX-OgESxH8lnJ-1F4Op0IDUMxzuk-opjA3yEBdP1j9m9F5yGjizNikT5pbYheQX82gKZHeWC24YbURtNrjauF3qew81kmFOAuTPWqo4K7z_mjZyw%26adurl%3D
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
6903fd0e2d5bc3f49e1de66ca3de89cab3acd0bdc3e6d8a18114eadfcb1d8915

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4361
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 01 Oct 2023 09:54:18 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
12400
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1696154059.889444,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
77
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5746
sodar
pagead2.googlesyndication.com/pagead/ Frame AA15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309270101&jk=3558447428317118&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame D75A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt-emgDrOjxLmJ7xwBCqGXz85vfQ66IlIsUsxAyYUmbH16P6nnsVAGS9nHto30VFuaHk7iAQfhxbsrWk7wVX7yrHm4ZXqoSie59RyXzqichubJPWIDLvhAWPxYXDE2t66V_ORwEBtXLsbwUj37rkUCvW73OIH3xVOmuS9RbJtcHhciP-vEA9QPwtuuBxKlaLAmaxO61_Sj9YamcMFsexajDCCxRpRNupXtO2zlIGbAI47JJ1GafFdRUkXz1ee5xOpOo4a2pD3GomIxwSc_cWkMGD0OskOTAUYw308pvfJVfYgnzdgR7rqFi-OOMn47IiocW9A&sai=AMfl-YQTa4JAtHrpTcR7uFAuadTcTNNsKMVanGLFzAU7hvSiKL9DL30geGbzbk0xUkyiQ1g8-GQikN2ph73jOukC-nqtGL7qrsgoBQwlU7D2xGP_o2NqBgqa5_j4euDj-R0&sig=Cg0ArKJSzBhDpRqokG_ZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 01 Oct 2023 09:54:18 GMT
usync.js
eus.rubiconproject.com/ Frame 5942 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67c8d8003bc0741220785a7d57d2db612a706276388204fa25382986ccce40eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Sep 2023 12:21:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8841
Connection
keep-alive
Content-Length
10474
Expires
Sun, 01 Oct 2023 12:21:39 GMT
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 3703 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
171294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 10:19:24 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E71B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
74039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 13:20:19 GMT
expires
Sun, 29 Sep 2024 13:20:19 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 8C6F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67069920;rtbwp=0.4191159500911482;rtbdata=E5ZlSUrKlKHT2xYXG9D3b8RMskB2II_uc2jwI1byolN4oWUbtf_-WjLDMno1liEsDqxZ2E3Sb-Q1FP0GmcCU1QlUvwc7CW8YA7UcDHMZnsJe-dAVBVdsn9YiZzYDuyCFFO1l_pjOZrn-EQeyyqXEZdSVOA_B8Axcj0WlQe7we6tjs3LzooiWlsjkmeuvDk_z35dIM8eIycs9vOML8hV6r1hDaPZO9P1D0jesbhDnL-D3w552AYTcqu3zRB9Ai-sx5rwfzSer8kUJdWzoMZtA0lBUv1D10pPvvZnp-y3onUBhzpYDQ_9Zu-aNs9b9BYX5KrYRtHxOgyd0s_TzDPdVaNKJJXLqes_NNGoPJFNQ22ZxilprU64grYy1RPG7jVjTtF4_zKTq8cFwcXYCCQ9E_7VynVR1_-KDXCTefcmXM7F5NfAgO5jjxUHhIpkoas3H0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
deec187383282cfacaec68f31e844621df5bc03efce6550768ab2943847840d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1017
expires
-1
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=122870061&cid=1391071136.1696154057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696154058&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dt=%E5%A5%A7%E6%96%AF%E5%8D%A1%EF%BC%8F94%E6%86%91%E9%80%99%E5%B9%95%EF%BC%81%E3%80%8A%E6%B7%91%E5%A5%B3%E9%B3%A5%E3%80%8B%E6%AF%92%E8%88%8C%E5%AA%BD%E4%B8%80%E9%8F%A1%E5%88%B0%E5%BA%95%E7%88%86%E5%82%AC%E6%B7%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 5942 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LN7ABYR9-12-I51O
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
request.php
hal900016.redintelligence.net/ Frame 327F
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=fdc36c03fb&subid=&uid=23a700868a0d2a65&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=fdc36c03fb&subid=&uid=23a700868a0d2a65&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=fdc36c03fb&subid=&uid=23a700868a0d2a65&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnnUByUEZZYj_O-zb7_UP6diD8ASRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEnwJP0Ge_W0lF2_sTO62Y--0NNeTCxyS8qRNALj7eSmJ3SHh4wenIR8XsRAU2SgN3RtLNJ413SDXFF3bvKEWUWURJH1ip-d3v4FmE2DT9Kj8GgrD8kAAuUIuEYDAxUOFoTkQEnFZkO8tuPEpCfVwtW5DWGS4ayFQyzWRFFIRb1FnkvRqN_DNf9h4yRZsyavDKqDnYpO4sBQcBexdn-Gw_gsmLjroH0IlIvfxnPzEfDbtiU61NHozsNe8b7HPX7VZjrhy9-Cx0Q7F7zEdiRu_sWCBxQ1KTR6cno37H4v1k39bf0BGYpggEQsNKyHo-qJmmk9nsZNJ8yfDPTER2uSD6g_2HI1xub3Ib4RpcXXin-tfeXfYfRbUdOBBt0kVXYxjnlcAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj-n--gytSBAxXs7bsIHWnsAE6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIyIfxoMrUgQMV7O27CB1p7ABOEAEYASAAEgJsAPD_BwE%26num%3D1%26cid%3DCAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB%26sig%3DAOD64_3E7qr-3Xe8Se9i14RBn-SVfuLIBg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BALJ2tpf7rkKejoF1jBjSA03kjOfWTXcQsozw86RE3bJw1PJmkHnelONuPI41TwuhqaaHL7mzca7skmjQb9PZakQh2KBSiO5H2ujIlPzqyqNe7XpYBRwYXvdIJsLfNVFiBE1IACPGQhfCeCvcr88rvkejFe6_dSAFM2PLyJ34klt_s7ME%26cry%3D1%26dbm_d%3DAKAmf-BJsMaREm3_xewQf957yLdEsbD93MUB3R3oMHUVIUqBsBxfe8Y6ZT0fXrT6Pe6sSaqOB_t3Sro7nBFL4it40GXrEVvmWRCtzspU2f78r8VUg7Ay-Wbcdgv9joHCdb-RBgm2EdOZsiIvoitWAEPiAV6HDxsiwidGPcn1kvRQ1ryhoNaI2QHbD5DgwIyfho8p-VHG45X1noKkTGQeq8RNqbPPTxHjBruxXyaheoYs7V4khWdBJh7MIdsVEqw4hYVZE9Cnnbedjf5rniPrZ1KRY09zxmLwHY03Mqc2YDO9Sh52yOmWDRO8YiEKgLY52c5Twq7-Jz7lKcX_-kwYCU3td9WmR7RVkO6snkCzf0tqVXe5ZKrGp9zUj5De-hq25exVx97QFpmiUCxc3qJnZ5_aXERUTFcKNF1cnur4EYiWqm4eJKbu8LWD6ADVbp4voN2nUjkOLczUv3-G7s-c4Z8c3vAQ65oQMu9ROGzGPDOjydbUl78lNt10va-Rj6L0Fd4mmYQA4zs2FTjFM63Q4L8P2X6fetwgJCUEX4BMf_Iw8og_42cX-OgESxH8lnJ-1F4Op0IDUMxzuk-opjA3yEBdP1j9m9F5yGjizNikT5pbYheQX82gKZHeWC24YbURtNrjauF3qew81kmFOAuTPWqo4K7z_mjZyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6662836773409&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
615947c339cca9d84c11e4135c193b6863fc92eb2b2718f4960e04575d628216

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
42971800037452204438446012464016
Connection
close
Content-Length
331
Expires
Sun, 01 Oct 2023 10:54:19 +0200

Redirect headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:19 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=fdc36c03fb&subid=&uid=23a700868a0d2a65&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnnUByUEZZYj_O-zb7_UP6diD8ASRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEnwJP0Ge_W0lF2_sTO62Y--0NNeTCxyS8qRNALj7eSmJ3SHh4wenIR8XsRAU2SgN3RtLNJ413SDXFF3bvKEWUWURJH1ip-d3v4FmE2DT9Kj8GgrD8kAAuUIuEYDAxUOFoTkQEnFZkO8tuPEpCfVwtW5DWGS4ayFQyzWRFFIRb1FnkvRqN_DNf9h4yRZsyavDKqDnYpO4sBQcBexdn-Gw_gsmLjroH0IlIvfxnPzEfDbtiU61NHozsNe8b7HPX7VZjrhy9-Cx0Q7F7zEdiRu_sWCBxQ1KTR6cno37H4v1k39bf0BGYpggEQsNKyHo-qJmmk9nsZNJ8yfDPTER2uSD6g_2HI1xub3Ib4RpcXXin-tfeXfYfRbUdOBBt0kVXYxjnlcAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj-n--gytSBAxXs7bsIHWnsAE6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIyIfxoMrUgQMV7O27CB1p7ABOEAEYASAAEgJsAPD_BwE%26num%3D1%26cid%3DCAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB%26sig%3DAOD64_3E7qr-3Xe8Se9i14RBn-SVfuLIBg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BALJ2tpf7rkKejoF1jBjSA03kjOfWTXcQsozw86RE3bJw1PJmkHnelONuPI41TwuhqaaHL7mzca7skmjQb9PZakQh2KBSiO5H2ujIlPzqyqNe7XpYBRwYXvdIJsLfNVFiBE1IACPGQhfCeCvcr88rvkejFe6_dSAFM2PLyJ34klt_s7ME%26cry%3D1%26dbm_d%3DAKAmf-BJsMaREm3_xewQf957yLdEsbD93MUB3R3oMHUVIUqBsBxfe8Y6ZT0fXrT6Pe6sSaqOB_t3Sro7nBFL4it40GXrEVvmWRCtzspU2f78r8VUg7Ay-Wbcdgv9joHCdb-RBgm2EdOZsiIvoitWAEPiAV6HDxsiwidGPcn1kvRQ1ryhoNaI2QHbD5DgwIyfho8p-VHG45X1noKkTGQeq8RNqbPPTxHjBruxXyaheoYs7V4khWdBJh7MIdsVEqw4hYVZE9Cnnbedjf5rniPrZ1KRY09zxmLwHY03Mqc2YDO9Sh52yOmWDRO8YiEKgLY52c5Twq7-Jz7lKcX_-kwYCU3td9WmR7RVkO6snkCzf0tqVXe5ZKrGp9zUj5De-hq25exVx97QFpmiUCxc3qJnZ5_aXERUTFcKNF1cnur4EYiWqm4eJKbu8LWD6ADVbp4voN2nUjkOLczUv3-G7s-c4Z8c3vAQ65oQMu9ROGzGPDOjydbUl78lNt10va-Rj6L0Fd4mmYQA4zs2FTjFM63Q4L8P2X6fetwgJCUEX4BMf_Iw8og_42cX-OgESxH8lnJ-1F4Op0IDUMxzuk-opjA3yEBdP1j9m9F5yGjizNikT5pbYheQX82gKZHeWC24YbURtNrjauF3qew81kmFOAuTPWqo4K7z_mjZyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6662836773409&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sun, 01 Oct 2023 10:54:19 +0200
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/22/2023 01:09:22
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
88488363efe20c306991b8be45bb716c
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-167
cdn-cachedat
09/27/2023 15:06:24
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c1eabf5f03014ee9bedc39e5feaf3936
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-587
cdn-cachedat
09/10/2023 07:57:09
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
095bc1b4d1139a45dec4d5d2c53afa28
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-676
cdn-cachedat
09/22/2023 01:10:25
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
05eff5157c1d732936a84b9375bcaf78
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309260101&jk=803785872138801&bg=!KCulK2TNAAYEJRtnJCU7ADQBe5WfOGZrmmERunTQzF-paInoXO3xQ3f_rDfbE86zRDCnyLCY_Z_AJwpQtW2v7Bf-JGcqAgAAAOFSAAAABWgBB5kCv4ldgvtRjhzNc-LBH_C0jwnzYUsTfjmn6AGOleZeOiGY40vblegpgBOOpiVvxbEbqshUQiIQZNKusEzVQzdCQvg4LvI_0pFyo0wU15tiTEWERKg8IL-DYDEObpZ7xc9SWAVAM7fLhIdhRJLqwtXYTNtMLxNpS1nITEzOaQ-fSWO277wkdeVgsAtS-NSLA37AwNC6aWzBJg5Q7NUnNxnnD79Wh18CaxNZXR-OZLBFqzzKtvZLweYstjtBYsh8jUbzi9F8ZpKo0_t8qxmDY1OKRzshPQBL_WGfRlU46TrCiRN2LxOtQHjMXhX-Z7qPvGpJbJxnIE-ASgP7hPUkQ55Z_vAW4Ymq_rp8XFiA0Cq9EOrt4RsODYT0q0vu-No6ivvVDsQ9WTzZLLhfZXZN9RzS3A2H7TnCko-U8BKN1sZUUlmGM0WFfLfmn2k6Fq2v27MLMxjrsqetIGF91ijlcsw-DdfUNMFlAMAgPNV-P4PSEWqCxVsmMKjxajLofVNOQXkOSFU1yjfrYQbj5xkKb60KG8UPNqdFSh4Zg8I-GgkyoEUYZa68THaq16e-7nJNuaWeZusRpXLpa6D6whIX1wYweK6PUD8H7Hx7y0bHAyDanAK8UZ77qr_d8IZEgW3ut4FDsP-4jSnhFQwe3hWzkkiBd2hYYXMaGs34Gwhdi015bKWE9N2ZVRw8E2TfdpZeKLze1Do9yG22Oc6kiBbrUYBkroxLNrT0LXuAMIm2guyKnQ3lVAgpCGC8k_wf9d45Gqc2yH5M_dRem7f9xgKOihwawRJHU-sSd3FXsRQQSVpcWgTkJOXG0Lz9PZDTgavzdvSi4Y8s3uc_PoreZPHBg2uBVQFxo8CqjIlLBC5JxbhrR6QHjTxOspCLurfajAjgaZDa0_o3K94au2THzqfaQKD6HRLYUx3zaKIISfzLh11h9U8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
pagead2.googlesyndication.com/bg/ Frame E71B 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
396967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14820
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:12 GMT
519800e0-d456-44b3-8a16-fd7c3b5c7bd0
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/519800e0-d456-44b3-8a16-fd7c3b5c7bd0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
generate_204
tpc.googlesyndication.com/ Frame 3703 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yw1pOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 8C6F 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67069920;rtbwp=0.4191159500911482;rtbdata=E5ZlSUrKlKHT2xYXG9D3b8RMskB2II_uc2jwI1byolN4oWUbtf_-WjLDMno1liEsDqxZ2E3Sb-Q1FP0GmcCU1QlUvwc7CW8YA7UcDHMZnsJe-dAVBVdsn9YiZzYDuyCFFO1l_pjOZrn-EQeyyqXEZdSVOA_B8Axcj0WlQe7we6tjs3LzooiWlsjkmeuvDk_z35dIM8eIycs9vOML8hV6r1hDaPZO9P1D0jesbhDnL-D3w552AYTcqu3zRB9Ai-sx5rwfzSer8kUJdWzoMZtA0lBUv1D10pPvvZnp-y3onUBhzpYDQ_9Zu-aNs9b9BYX5KrYRtHxOgyd0s_TzDPdVaNKJJXLqes_NNGoPJFNQ22ZxilprU64grYy1RPG7jVjTtF4_zKTq8cFwcXYCCQ9E_7VynVR1_-KDXCTefcmXM7F5NfAgO5jjxUHhIpkoas3H0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0862d26a0d1d85dc8261ebaf0ce3f851e826902d6304eabc79b3abea2cb4dafd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92723
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 01 Oct 2023 09:54:19 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
045c5f2e8e08bfe52f3bf59816ae01cc3989ea4712bacf74eb3ae4a8ecf99606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92684
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 01 Oct 2023 09:54:19 GMT
ee22a31f-62f7-4ead-92a4-206c70b7444d
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/ee22a31f-62f7-4ead-92a4-206c70b7444d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
e410a1ab-4d2e-4340-943f-bcbf8785d2c4
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/e410a1ab-4d2e-4340-943f-bcbf8785d2c4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1049:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1049 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-664
cdn-cachedat
09/06/2023 03:55:39
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1049
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
a411eec8920dcd475a9c38886b5cfc11
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/02/2023 18:29:37
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
f7e1b918f3239a71f5e1323cc47c8c20
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame E97D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8p8xOcxSgunQUFg-dDbckWLtswNt4o3PfM82TPXr4uoqAmDOvawIatN6NfPkk6L55shqcf65l-kzC4GrlNdbQuEGLgTvsZwNm5GPDNRp4F22JFM4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E97D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15595957837707619012&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E97D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame E97D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 09:05:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame E97D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
61521
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame E97D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZng4gymSLl6HXKxhSpkz6aofdXVSK85gAy0s6qnL0os1czYGGejVOJSHhURzUM8B-gZZgjlOUOob2T6MYN5Y79ANcJw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E97D 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 09:54:19 GMT
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame D3DC 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
297723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:12:16 GMT
expires
Thu, 26 Sep 2024 23:12:16 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Oct 2023 09:54:19 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C12B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 01 Oct 2023 10:06:54 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
188607f07d0dee044839948be6048cba
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pixel
googleads.g.doubleclick.net/xbbe/ Frame FEEA 		611 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWOzknI9ksbvShFAo8kzTzZJwzYTSso7ouhIgvKTS7PzLYn1_ovo_upKYvpG83YFaRuAI-AGqVjhz_4YMgsEqb9r1ODrA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
0a991323-8502-4c8e-ac66-73da9588a031
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/0a991323-8502-4c8e-ac66-73da9588a031
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
392fb3f7-a60c-4821-aa26-51037c2f57a0
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/392fb3f7-a60c-4821-aa26-51037c2f57a0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
77793a2d-7428-4db9-8f04-9b4356d026f4
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/77793a2d-7428-4db9-8f04-9b4356d026f4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je39r0&_p=122870061&cid=1391071136.1696154057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696154059&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dt=%E5%A5%A7%E6%96%AF%E5%8D%A1%EF%BC%8F94%E6%86%91%E9%80%99%E5%B9%95%EF%BC%81%E3%80%8A%E6%B7%91%E5%A5%B3%E9%B3%A5%E3%80%8B%E6%AF%92%E8%88%8C%E5%AA%BD%E4%B8%80%E9%8F%A1%E5%88%B0%E5%BA%95%E7%88%86%E5%82%AC%E6%B7%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FEEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFQrLk8mhLEcVdKoFVdXe3I&google_cver=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFQrLk8mhLEcVdKoFVdXe3I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWOzknI9ksbvShFAo8kzTzZJwzYTSso7ouhIgvKTS7PzLYn1_ovo_upKYvpG83YFaRuAI-AGqVjhz_4YMgsEqb9r1ODrA
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
an-x-request-uuid
d1a144af-ee3a-4916-a98f-97656ac95f9a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFQrLk8mhLEcVdKoFVdXe3I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FEEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWOzknI9ksbvShFAo8kzTzZJwzYTSso7ouhIgvKTS7PzLYn1_ovo_upKYvpG83YFaRuAI-AGqVjhz_4YMgsEqb9r1ODrA
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
an-x-request-uuid
6c676564-eefe-40de-b92c-d7b0bf4d31dd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FEEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWOzknI9ksbvShFAo8kzTzZJwzYTSso7ouhIgvKTS7PzLYn1_ovo_upKYvpG83YFaRuAI-AGqVjhz_4YMgsEqb9r1ODrA
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
date
Sun, 01 Oct 2023 09:54:19 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame FEEA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjllYjM4Y2YtNjhiNC0yZjk2LWNlZTEtYmZkODE3NDRlMmRl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjllYjM4Y2YtNjhiNC0yZjk2LWNlZTEtYmZkODE3NDRlMmRl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWOzknI9ksbvShFAo8kzTzZJwzYTSso7ouhIgvKTS7PzLYn1_ovo_upKYvpG83YFaRuAI-AGqVjhz_4YMgsEqb9r1ODrA
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjllYjM4Y2YtNjhiNC0yZjk2LWNlZTEtYmZkODE3NDRlMmRl
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
request_content.php
hal900016.redintelligence.net/ Frame 9B9D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=42971800037452204438446012464016&a=0c3b7079
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=fdc36c03fb&subid=&uid=23a700868a0d2a65&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnnUByUEZZYj_O-zb7_UP6diD8ASRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEnwJP0Ge_W0lF2_sTO62Y--0NNeTCxyS8qRNALj7eSmJ3SHh4wenIR8XsRAU2SgN3RtLNJ413SDXFF3bvKEWUWURJH1ip-d3v4FmE2DT9Kj8GgrD8kAAuUIuEYDAxUOFoTkQEnFZkO8tuPEpCfVwtW5DWGS4ayFQyzWRFFIRb1FnkvRqN_DNf9h4yRZsyavDKqDnYpO4sBQcBexdn-Gw_gsmLjroH0IlIvfxnPzEfDbtiU61NHozsNe8b7HPX7VZjrhy9-Cx0Q7F7zEdiRu_sWCBxQ1KTR6cno37H4v1k39bf0BGYpggEQsNKyHo-qJmmk9nsZNJ8yfDPTER2uSD6g_2HI1xub3Ib4RpcXXin-tfeXfYfRbUdOBBt0kVXYxjnlcAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGqDQJDSMgNAeINEwj-n--gytSBAxXs7bsIHWnsAE6wE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIyIfxoMrUgQMV7O27CB1p7ABOEAEYASAAEgJsAPD_BwE%26num%3D1%26cid%3DCAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB%26sig%3DAOD64_3E7qr-3Xe8Se9i14RBn-SVfuLIBg%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BALJ2tpf7rkKejoF1jBjSA03kjOfWTXcQsozw86RE3bJw1PJmkHnelONuPI41TwuhqaaHL7mzca7skmjQb9PZakQh2KBSiO5H2ujIlPzqyqNe7XpYBRwYXvdIJsLfNVFiBE1IACPGQhfCeCvcr88rvkejFe6_dSAFM2PLyJ34klt_s7ME%26cry%3D1%26dbm_d%3DAKAmf-BJsMaREm3_xewQf957yLdEsbD93MUB3R3oMHUVIUqBsBxfe8Y6ZT0fXrT6Pe6sSaqOB_t3Sro7nBFL4it40GXrEVvmWRCtzspU2f78r8VUg7Ay-Wbcdgv9joHCdb-RBgm2EdOZsiIvoitWAEPiAV6HDxsiwidGPcn1kvRQ1ryhoNaI2QHbD5DgwIyfho8p-VHG45X1noKkTGQeq8RNqbPPTxHjBruxXyaheoYs7V4khWdBJh7MIdsVEqw4hYVZE9Cnnbedjf5rniPrZ1KRY09zxmLwHY03Mqc2YDO9Sh52yOmWDRO8YiEKgLY52c5Twq7-Jz7lKcX_-kwYCU3td9WmR7RVkO6snkCzf0tqVXe5ZKrGp9zUj5De-hq25exVx97QFpmiUCxc3qJnZ5_aXERUTFcKNF1cnur4EYiWqm4eJKbu8LWD6ADVbp4voN2nUjkOLczUv3-G7s-c4Z8c3vAQ65oQMu9ROGzGPDOjydbUl78lNt10va-Rj6L0Fd4mmYQA4zs2FTjFM63Q4L8P2X6fetwgJCUEX4BMf_Iw8og_42cX-OgESxH8lnJ-1F4Op0IDUMxzuk-opjA3yEBdP1j9m9F5yGjizNikT5pbYheQX82gKZHeWC24YbURtNrjauF3qew81kmFOAuTPWqo4K7z_mjZyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6662836773409&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c42711787187e464b92b1f7d7c054dc66d3d2b61367dbb113d19d85d0b5878f3

Request headers

Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1496
Content-Type
text/html; charset=utf-8
Date
Sun, 01 Oct 2023 09:54:19 GMT
Expires
Sun, 01 Oct 2023 10:54:19 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A0ED 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
7134
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Mon, 02 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 327F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d51b60a081fa9022123494a4d513c6a1c125ecba10def7d3bf2ed140c2c4990e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame E97D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8416177125482&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E97D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8416177125482&version=m202309120101&ct=77&x=1&cor=15595957837707618000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
ad.doubleclick.net/dbm/ Frame E97D 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNcOlTTF3l4uqpoZv_AyeXHBYvLug1IyNCgjRIDKmWaPpK3NS6I-EPYs_FLKNsCyUrnsjivPti-DBWJ819_QnzuI2dJEykeGTq4ewQrPo4RZJ0TTd3_cpz3g1x5XNu8tuQME6JI-6791ytIxb6XX9_Ui9zvgemsQBC8p1quGLXOpNpCaM&cry=1&dbm_d=AKAmf-D1aeki8Lt5HWYMGBJSGfkLdENXe1XgyJLBEb6zScIhxSPTkGHRAHXJf4LTbov2zhFIBi57xU2-fDJXDzQE4GIgG3caRNKHCPSx0Hb8SVGUgx92RMVbUsoT_a0yJdo0xyIbHYvscXn4pltf_xwLvUIfCoAvBOnOtCXB6hlpP3dkriK5ne63Rugh67_52KSKyIpudFku9wkfuQXVcFQnHdo3MeIJWPNR5c7ihrPscvnZPghPcQp5PCJ2_4vDkId5FuAE-PKmON8lrdNY2L7FSw5LvkFufmyxJC0_MVRqfyZungmGohg2xgYeTq2uPVV4AcAG2ssm_gt_vQ7Kkl_5jslXDpqbcc8zhzcpQba3jSd6Z375XcDy47Q8XdsLBa3Nd5IzboVIxkNIZYOIIpVcfMhJc4fAoujvULxa6u1gAzivx0ifxpKRzQwnLmQorujS2Z0NDl-65VCt5iR-TWMIqcc6FPhsK19kF1SnJjhABXAEjxJTtpEQwYfBC_ieoEAuBQu5fbnDzzh0B0DPDUaJ2gCV0HF0BlYxjVGIn0Y8BsB-EobMOn-DpoFPIWi6ThcfF2BBXE9MDflMTr4vGEZZpOBm3D4gGEEZNrYsFhMp22RmRIvGWlT31chV2yhe7Z03ZRY5pGiEwMiTYLmJJ031ChNbEXZ9OX_5RuSnQR19gHPG1xL0nLry-QgjT3CGQT_fJMJPXkpepIVbW3V4bT9TTPcOGSWuvgaha92jwmlCs8jxU0DKUXWZAWHqGMq4nV1w-sFrNYSiugpl8Yt6wHgeToubdqu586wAQR8HvS_yBhIXycKIsQsclIMs-ObfeKpzAbi3xfTdG9Znd-MNEITwSWSxYt_xGSOgNUZ0ZYZ10YlHrI6ioEcI9T4qL3hAE2g2eqigcfSoLGDYRd0LeeUBPa_ebfdEyivCkLQ3Ep_V1EGWhccCefHQ8CLsFKjzTkl21i4cthwoT2HykjjvK3WiosvFFjtXEVGs8PC_tZ4252dBNHpllMue5iRktcHs5UmumYl3OWrWGUjBJNnpmlwtokZieZ8TfDO_sHj9G1l2B3rTdeFgZ68U5rh1QMbc81TEgDHc2Gw9PgcsQQ1prg_6dGg3k2N-Y4RRD9bRueLM3ps2TEbEU0ZON8Qhj9NmCrGmwwWmX8NE4ojw4sQyLlwyaV_cwCC1km4YItp94VrWM4CzsOlGHJcEMLjqe7R-29qryNYwxgazC8XM6AIIiLG3s3jK1dedkCU-6OmCnGjJxvGm4HNClAJDDiZtYm6c1wLwh1xxuO1MgDzFSXJUPmCjjzJVI31SIWE9QYdZFVUjL8V_bBpUejyE2BhWb9w0sObT5Lq2q8_zvtd7ARKC2qw84LLqTpfUmA3YkRp0VD1E3Ne_Xt1pB-uS-Y41C7WQg5lYKplmJHrLI7KvWb85LWxYuJKSSAUXrVfxqje6Eggl6frvfCqxWF8kvt7vEvWAJM3_e5sFQNFVPMB0xNUWYYTbb2qQEOrXaLIVR6WCT11X1elDuDgdaSWUqN_yZKLVExreGBUDT1LkfxHnh1uBRwp8I3I3EOaRXy0IgGolSN91VRbPrUsnjIHfdPeAV85FZzKdgnwruWZTMfbANoQQKTLJc2GaIwWYR24xCnN2DDrwhV9T4yBw_azjJxdO8P_IqfPYVj7x_0OnmPi46SiC6v9btYHH8zmmm2k1TnMnAIEt2cL6sdclwE44JXkiZJ6V8CosQbhFjzR7M929BC1anjdc4KjNe1-5ptQFi0Z1EfHM8_AZwvmx1wDrfm13AEe11kRAQmBCIsQpx9SvbJRGPg7PMmklYue6XRGnLsLYUAdajn7aJ0zDs7CugI646wKyLlcwijwNsySSd2mGbOOQbRXlC7wNf_-joUoShWKDSOfvMCig40dcuh-gSSeEOyxG9WbSJFqabwM-mSoWvHRq-hsN4POxMh0DkPh_kpdunoYryWVskGRbAOyKE1fMBhfLCLmy9s9iakmOPe_nS1JStBreousylgMYBSD9LYISlLk7ttQ43pm012zsT1Zdv36tjqsQ_NkSGMddkQNmskcsTflbL4Quhese6_Ibx2xAxEpB48x8aIMXJtW7OiGBFollCdPW12v-jAIHTp2KkYLPD0MEm0ymA_yDpIv5RbQK_2hL5fWOguXiOTdk3dGuh_I7MmkejovstarXRnxsuIqBI1R-CQ7zzfJrBaaK7qL4rZA_CyCMAWWh390T-2rppzXO_V7qnBnWN2ciiANs2ltTWDoX0dMUtDsKPQG2wl7dLmTPeYah_-IuI6K3D6-Ewf0ic_qcdQtbgT2dPkkEaBoHiokHjUtL5U4TEldAAUJgS7CGvUAGYLCzWHeYeCE0lx3Dwp7iaTw8GgF5OXOqGcvuexeZJmmNc0IeFdVaoarB0e50FQIe4Gac0YADFV5FrFQrdVgIDCoSbb5TKRR4Rii2-H93snGMdhlxev737RFfHvXJdOwYn4zqk9Hb2xyAXRQPXuLXJ49dLdsGi9MJ8QZREQJLCVClVlYexduZzx4dPrS5mf1Vi3tUvPCuKbgMZ-pYFIuHcL5Fiw8UK75Zi8fRv1G5p3syO4Usd-RK1H_JwnC6Kw82B09opY1Dda5s4xgoFRyshARWr1rGnNFXDlPOyZBettXksWOaB6lEuGZZsnsRaiuno-CmHl7Jk6mxOMSJ3rPSk6mvABjS4s1L5bRvfRhNyYMKvZt4LJkA8o7_Tj05C4pP8pGXVaKTtRlgH-kNBVYgnElwGca8MYRf_jXwW7FUat671iU13iuHtzNUrDE1BdTSTctqenkrg9ze2ReZit6TOSiYMnrVMsV9rLPq6tb6yM-CradCDwgDxDiOug7FQr0xgUiV44IqHaSWbnOXTZW6vxFKMYy0lEufBNnaj-pksyJKqDcl2osMt8Zm54KafpL2Xmk_O5iA3Q08Od9ptHdMNrtt9HIBeRBh4QD__v8pjseiVXmdRjXDH6iJ9BQ69kSmn7EVGwfgenSB2hfcGs7meBTgAlKRDRsbtSsOUr00Q3CfwKNiti3fYHFlAFYcCaubPUZkUE2yVpEmFHzJU5P0y1QD66ggpEbcc2iG7fFHzRd2M4GHsTcZacBg6Oyacug3iccIZYcx5SOjQzLIIqJPYxkwwfKfBzyGxQI1Cs_v0AwPf9cB2uZ-C9rj5Zqx5ZhisGC9YrcDiLbJLJUO7fYfVvQr-3zhTGWkVDGN0XjjpPfjMBkhaL3Zuv204Db78eaNZG9m3ml-pLIHC16852rXytTz-K2SkSft8gefyA2oR7fJ6D8iEvj2KqbpkWsfQ7S7oWlOP7fGhhpjO0vwlwa2RR6l62Qbwc6MoldZW29j5OtvOBDV75NEiVEUH1CsBVv_f9zrWxikkA0crH8pRJs9PkL5HSetM8T4bYKet7C4Dn41VKEYAle6Pkwzpqhqge_jvvwpfwKcpwYcA9Swxev6wukyPQk7HTfBcZutyAC_5s9wiJVfFuVCAPEozZB6U5IM8ZfkBfTCDUS54cCzW5ktELjjjIUGvaTlX7IvsX_LuoJcAnpZfXMMQCDqJ7GG0hjV74_G5ZchTy-GRfjYi8uxQCu-iZaT94khPcPE5bh4rRPc2ugkdPa_n6LNLVSvwPyJvZbIQLmDFoEAfjsTODUXeOY7X8vVXw-ECrEUNIgcGVKbJHLx_jBtYGlaP116gyy045RYbzlJOzC_UT1pziy9D3EFEun7iKZluG3PK5_QRVrDSmr-YzDPGiopNK1NGLuPLqBoI_zns1W4EoBhx_CLp2ULivZ01mO0F4pI6Z9hloH7z2M2QSEBUSWUM6R-WwYFf2MevBfvl5a2NwticxiFGTIDrEJufbdL-NCfdgGGZdieyJDq7cu7zf-a1RMlUDoRK6mNTwtGZJmuwH6-Yb3oaS7XEqLSLjP4GCOZLOMrabTiY-HYffAnYyPUisd2fce_dPBfxctpDG2t5NVIU1fDGbTSK39vTeER3kYGxkh0jEHwHh2mLHL1QtoVyxiIwQ3WPMFymlQ&cid=CAQSPADICaaNtMPOUdViBXd7dkjNdnMooSUv2z5vkl6A6eHWgG_6LvZaE-C3tcyPyNZ0KDNLq52vs6bW6I_itRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=15595957837707618000&adk=3676778483&idt=136&cac=0&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
8fa8ca1b3e0d637a296c80d93790f00bdd5de7fdda38babe8eb93be7ceb2c3e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12030
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 8C6F 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=67069920;rtbwp=0.4191159500911482;rtbdata=E5ZlSUrKlKHT2xYXG9D3b8RMskB2II_uc2jwI1byolN4oWUbtf_-WjLDMno1liEsDqxZ2E3Sb-Q1FP0GmcCU1QlUvwc7CW8YA7UcDHMZnsJe-dAVBVdsn9YiZzYDuyCFFO1l_pjOZrn-EQeyyqXEZdSVOA_B8Axcj0WlQe7we6tjs3LzooiWlsjkmeuvDk_z35dIM8eIycs9vOML8hV6r1hDaPZO9P1D0jesbhDnL-D3w552AYTcqu3zRB9Ai-sx5rwfzSer8kUJdWzoMZtA0lBUv1D10pPvvZnp-y3onUBhzpYDQ_9Zu-aNs9b9BYX5KrYRtHxOgyd0s_TzDPdVaNKJJXLqes_NNGoPJFNQ22ZxilprU64grYy1RPG7jVjTtF4_zKTq8cFwcXYCCQ9E_7VynVR1_-KDXCTefcmXM7F5NfAgO5jjxUHhIpkoas3H0;js=1;adfxid=1x;2282;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.bg3.co
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
24aed6defe9f19121db78ce9f0c850d9df8844e3bb14bb4fa09a5efd5ac6004a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3052
expires
-1
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-679
cdn-cachedat
09/20/2023 03:54:27
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
e6e25bed174b5ff18b3f915a7d633b3a
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
S-300x75.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 9B9D 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x75.gif
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=42971800037452204438446012464016&a=0c3b7079
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:19 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-2f74"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
12148
gen_204
pagead2.googlesyndication.com/pagead/ Frame E71B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdiFGykEZZZvEJZOvjuwPhciSkAQAAAAAOAHgBAI&bg=!WFulWxTNAAZN1Q_XbdU7ADQBe5WfOL3sW7V-vyl4vbpSb2vWBq3iVittgM4Pzr0sx97hqs6ua501WZS2gK0s1HzPcYVTAgAAAURSAAAABGgBBwoAB6n4dKko61KZAwC6Jjcgl11rgeFgsP1NaLRdDauUhOr7tgVts_2ApCCNkaWBXu1YxTxPv6K2YHGrX2wsW9MfgND1_d3LzC7neAlo2c-yHOeixXWfv8olPYCqoK2rfg8tnAOsDd8eAPXJKmNFxSWva_ml4mhzPMN5tUubJjC2bxnHgmVsS_H-3KETsRzpUf9twgsiEtQLBCZXXe0QJYB5GQlJbksRifELY2c5b7PtXAgmZt8NJBSOHhfYJD2emEkgOjojLq67NL6T1K63i1Y2N4bZaPO4Fyc1_-rSpruWwzUJkZp3aJRqgYCLyYVvx_IQ09gCtKQvCRMqqgOYSTxr62yDyqNbuapX8cGB7pTQR04i5NDMCJt-mbkHjaY6iqcZlJo6f5t7Z18uuyeACWe-g4GI8V3kTuSzf7BGnsyyIj4OYKdVsBFL6qz52PneiGlf5keqGtLKEVNukbE4sbLkPtP6GdX70XrcotAKVcabHEoEaw2Vxe0GxQAAZHTFoTdaP3xBhhECavKjKtR9wZBkClXfgKLg9tZ9Lv__47Xruk0ZYMTWRxCvmVbw-IlOsHf_kNru-_u77M-bQa3u3C8alEfA_6BWZh3zIKHrZP23-ZYVmYOWFmrDABHenZA_No2-GWstpbVK-dEs5yecx9-Mqq_oz2a6NAIxriodHWVqml4s0YAsI8Ttt2oSWnsRaH-F5SYvjTQdzymWL8lCfo87bc3Y4U3W528i7KjVySUiFRqI_hX3GicOhfhkYltm49ZvvHZiPChM4WahSld88xgqoi0FhqFFJKrqFKTSbhi1m7EmNf-nfyakhWbGVHv7m78_TPwzl4rbInzoYy5Al4A9WpAYyRbOLWOCksyCiUH94p0DBArnKVw2in770Z_YzlhwrMR92MBohzqWnHqNRlT77IXuoda4gDDOKAKq-_4YTtGvNhObO05KIrb1D0_mASgC9bTnN2qB2PX2_rXoQxHgDyPvbMPhaTOOAo47agwbHFHZefUtHZpdliD1vttnXT7A6rgZ8ufr0neVYAU
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900016.redintelligence.net/ Frame 9B9D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=42971800037452204438446012464016&a=aac00ce3&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=42971800037452204438446012464016&a=0c3b7079
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=42971800037452204438446012464016&a=0c3b7079
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:19 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 9B9D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame A0ED
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDTjf_Croy0gMMdtjXgm34I&google_cver=1&google_push=AXcoOmQt6EhNS7cpJnFrC-uu_7M4fmd4rEB-58vodhk3AhuibX1xM7Y...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=366bfae4025c15ec&is_secure=true&networkId=14000&version=1&google_gid=CAESEDTjf_Croy0gMMdtjXgm34I&google_cver=1&google_push=AXcoOmQt6EhN...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtenYgjY-lgMB0hSwAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDTjf_Croy0gMMdtjXgm3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtenYgjY-lgMB0hSwAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDTjf_Croy0gMMdtjXgm34I&google_push=AXcoOmQt6EhNS7cpJnFrC-uu_7M4fmd4rEB-58vodhk3AhuibX1xM7YjoCqIqbg6l5ybA_iED7KNyo9_UJz0Ht_QHtFA_tv_a2Ik
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtenYgjY-lgMB0hSwAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDTjf_Croy0gMMdtjXgm34I&google_push=AXcoOmQt6EhNS7cpJnFrC-uu_7M4fmd4rEB-58vodhk3AhuibX1xM7YjoCqIqbg6l5ybA_iED7KNyo9_UJz0Ht_QHtFA_tv_a2Ik
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
google
match.adsrvr.org/track/cmf/ Frame A0ED 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAC6DzXaWqUStczK5HRkyyg&google_cver=1&google_push=AXcoOmTOlOqVkZWCAoDNDDuNg4ln64Ofn7ngj8t9E4FjYaTaxfuvrT717BvJKbfQQilRTswub2RGW3TFTmj3jbuTWUKIqq-pp3s
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame A0ED
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEI_Do1nzmkeT-aIOWM_c5QE&c_param1=AXcoOmTqFeDREp02cOhbcPLWhEf5tcHNv8nWxMk_mP8f04v1sHE332L8zmK7Kqmr8B4Ig84Laiyji50Qhtc4G8jvex4D_SMTeaUW&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTqFeDREp02cOhbcPLWhEf5tcHNv8nWxMk_mP8f04v1sHE332L8zmK7Kqmr8B4Ig84Laiyji50Qhtc4G8jvex4D_SMTeaUW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTqFeDREp02cOhbcPLWhEf5tcHNv8nWxMk_mP8f04v1sHE332L8zmK7Kqmr8B4Ig84Laiyji50Qhtc4G8jvex4D_SMTeaUW
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTqFeDREp02cOhbcPLWhEf5tcHNv8nWxMk_mP8f04v1sHE332L8zmK7Kqmr8B4Ig84Laiyji50Qhtc4G8jvex4D_SMTeaUW
date
Sun, 01 Oct 2023 09:54:19 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame A0ED
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEEM7yASVq7tjf9d_3pSNkFM&google_cver=1&google_push=AXcoOmRreGByPZU_k3G4x_-uv4t0B_GbVLwjy7SPk2azkRKp7hqpRhavnaghPaY1zpZ1ReI2oSN-Mng9IFO82llIvVsFku-...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZDIzMTkzMThlZjA1NDllMzlmYjUxYTUwYTk1MWVkYWI%3D&UIDF=CAESEEM7yASVq7tjf9d_3pSNkFM&google_cver=1&google_push=AXcoOmRreGByPZU_k3G4x_-uv4t0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZDIzMTkzMThlZjA1NDllMzlmYjUxYTUwYTk1MWVkYWI%3D&UIDF=CAESEEM7yASVq7tjf9d_3pSNkFM&google_cver=1&google_push=AXcoOmRreGByPZU_k3G4x_-uv4t0B_GbVLwjy7SPk2azkRKp7hqpRhavnaghPaY1zpZ1ReI2oSN-Mng9IFO82llIvVsFku-_YMUf
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZDIzMTkzMThlZjA1NDllMzlmYjUxYTUwYTk1MWVkYWI%3D&UIDF=CAESEEM7yASVq7tjf9d_3pSNkFM&google_cver=1&google_push=AXcoOmRreGByPZU_k3G4x_-uv4t0B_GbVLwjy7SPk2azkRKp7hqpRhavnaghPaY1zpZ1ReI2oSN-Mng9IFO82llIvVsFku-_YMUf
date
Sun, 01 Oct 2023 09:54:19 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame A0ED
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOX6akDeXILzvPxSFbC-Bqg&google_cver=1&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQqEWG8O-6...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOX6akDeXILzvPxSFbC-Bqg&google_cver=1&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQqE...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XgMPEoOtTH-hgR3OBCu2RQ&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XgMPEoOtTH-hgR3OBCu2RQ&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQqEWG8O-6g1myo
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XgMPEoOtTH-hgR3OBCu2RQ&google_push=AXcoOmS6MA8GN9L2y45sxx7y6_yghrmExxlSFmfywbNhXHx3Wef-mEenrvwEHrbpLV1g_IGIpg2NjjaVWzvnBQqEWG8O-6g1myo
access-control-allow-origin
*
date
Sun, 01 Oct 2023 09:54:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
0.gif
id5-sync.com/i/495/ Frame A0ED
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEAkPgm_ir05d41g_uA5wqnk&google_cver=1&google_push=AXcoOmQHAIbD4lO-KrAN7OtLO30vnLAJu733-dHdH6LK-7NM9hz89DligPe1DH_YHW9jIVY3QWJ-vvIMtBOSc7X03j5jmXIceJyH
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHAIbD4lO-KrAN7OtLO30vnLAJu733-dHdH6LK-7NM...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHAIbD4lO-KrAN7OtLO30vnLAJu733-dHdH6LK-7NM9hz89DligPe1DH_YHW9jIVY3QWJ-vvIMtBOSc7X03j5jmXIceJyH
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 01 Oct 2023 09:54:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQHAIbD4lO-KrAN7OtLO30vnLAJu733-dHdH6LK-7NM9hz89DligPe1DH_YHW9jIVY3QWJ-vvIMtBOSc7X03j5jmXIceJyH
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame A0ED
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEICcakCUCr7m_7eUHvIOrVo&google_cver=1&google_push=AXcoOmST2fkPLF8Jc...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D&google_gid=CAESEICcakCUCr7m_7eUHvIOrVo&google_cver=1&google_push=AXcoOmST2fkPLF8JcD7QxtmwYL80CwzVZx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D&google_gid=CAESEICcakCUCr7m_7eUHvIOrVo&google_cver=1&google_push=AXcoOmST2fkPLF8JcD7QxtmwYL80CwzVZxdjyD_opDJUlwBeHhY0_5XvDd2Ccwf7e4Y7UPplaX69rzoePN4KKc6S0bnTWXRULGDFtw
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
an-x-request-uuid
c1d67400-3ab1-444b-914f-e2b0774aa32c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgzOTU2ODU0MjEzODg4OTMzNA%3D%3D&google_gid=CAESEICcakCUCr7m_7eUHvIOrVo&google_cver=1&google_push=AXcoOmST2fkPLF8JcD7QxtmwYL80CwzVZxdjyD_opDJUlwBeHhY0_5XvDd2Ccwf7e4Y7UPplaX69rzoePN4KKc6S0bnTWXRULGDFtw
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A0ED 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1XLdWl8HEN-9j2550bwipmeCe1MLXJPJQ-Wk48ZQoIEvimIZ9m7-OFgdS9kAxLnI7DGuRol0
Requested by
Host: 69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
URL: https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
63472.js
delivery.selfcampaign.com/b/ Frame 8C6F 		0
0
/
track.adform.net/csimpr/ Frame 8C6F 		35 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=67069920&csi=mD7Kl3tURjhr2PXjHbHoaf3_k-k9bYcgZUjPAjqiGTLrygPkIxxfk91CRcVuzsk0P87yniSjy3MnCgVT2owhKWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.teads.tv/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a.teads.tv
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
09/12/2023 20:49:35
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d1f56a391675060ebe24379dd4cfede2
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 8C6F 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f56bc825839f62fe7b2597768b08fa433e8ad2e02db872cface67b4821ffe034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E97D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNcOlTTF3l4uqpoZv_AyeXHBYvLug1IyNCgjRIDKmWaPpK3NS6I-EPYs_FLKNsCyUrnsjivPti-DBWJ819_QnzuI2dJEykeGTq4ewQrPo4RZJ0TTd3_cpz3g1x5XNu8tuQME6JI-6791ytIxb6XX9_Ui9zvgemsQBC8p1quGLXOpNpCaM&cry=1&dbm_d=AKAmf-D1aeki8Lt5HWYMGBJSGfkLdENXe1XgyJLBEb6zScIhxSPTkGHRAHXJf4LTbov2zhFIBi57xU2-fDJXDzQE4GIgG3caRNKHCPSx0Hb8SVGUgx92RMVbUsoT_a0yJdo0xyIbHYvscXn4pltf_xwLvUIfCoAvBOnOtCXB6hlpP3dkriK5ne63Rugh67_52KSKyIpudFku9wkfuQXVcFQnHdo3MeIJWPNR5c7ihrPscvnZPghPcQp5PCJ2_4vDkId5FuAE-PKmON8lrdNY2L7FSw5LvkFufmyxJC0_MVRqfyZungmGohg2xgYeTq2uPVV4AcAG2ssm_gt_vQ7Kkl_5jslXDpqbcc8zhzcpQba3jSd6Z375XcDy47Q8XdsLBa3Nd5IzboVIxkNIZYOIIpVcfMhJc4fAoujvULxa6u1gAzivx0ifxpKRzQwnLmQorujS2Z0NDl-65VCt5iR-TWMIqcc6FPhsK19kF1SnJjhABXAEjxJTtpEQwYfBC_ieoEAuBQu5fbnDzzh0B0DPDUaJ2gCV0HF0BlYxjVGIn0Y8BsB-EobMOn-DpoFPIWi6ThcfF2BBXE9MDflMTr4vGEZZpOBm3D4gGEEZNrYsFhMp22RmRIvGWlT31chV2yhe7Z03ZRY5pGiEwMiTYLmJJ031ChNbEXZ9OX_5RuSnQR19gHPG1xL0nLry-QgjT3CGQT_fJMJPXkpepIVbW3V4bT9TTPcOGSWuvgaha92jwmlCs8jxU0DKUXWZAWHqGMq4nV1w-sFrNYSiugpl8Yt6wHgeToubdqu586wAQR8HvS_yBhIXycKIsQsclIMs-ObfeKpzAbi3xfTdG9Znd-MNEITwSWSxYt_xGSOgNUZ0ZYZ10YlHrI6ioEcI9T4qL3hAE2g2eqigcfSoLGDYRd0LeeUBPa_ebfdEyivCkLQ3Ep_V1EGWhccCefHQ8CLsFKjzTkl21i4cthwoT2HykjjvK3WiosvFFjtXEVGs8PC_tZ4252dBNHpllMue5iRktcHs5UmumYl3OWrWGUjBJNnpmlwtokZieZ8TfDO_sHj9G1l2B3rTdeFgZ68U5rh1QMbc81TEgDHc2Gw9PgcsQQ1prg_6dGg3k2N-Y4RRD9bRueLM3ps2TEbEU0ZON8Qhj9NmCrGmwwWmX8NE4ojw4sQyLlwyaV_cwCC1km4YItp94VrWM4CzsOlGHJcEMLjqe7R-29qryNYwxgazC8XM6AIIiLG3s3jK1dedkCU-6OmCnGjJxvGm4HNClAJDDiZtYm6c1wLwh1xxuO1MgDzFSXJUPmCjjzJVI31SIWE9QYdZFVUjL8V_bBpUejyE2BhWb9w0sObT5Lq2q8_zvtd7ARKC2qw84LLqTpfUmA3YkRp0VD1E3Ne_Xt1pB-uS-Y41C7WQg5lYKplmJHrLI7KvWb85LWxYuJKSSAUXrVfxqje6Eggl6frvfCqxWF8kvt7vEvWAJM3_e5sFQNFVPMB0xNUWYYTbb2qQEOrXaLIVR6WCT11X1elDuDgdaSWUqN_yZKLVExreGBUDT1LkfxHnh1uBRwp8I3I3EOaRXy0IgGolSN91VRbPrUsnjIHfdPeAV85FZzKdgnwruWZTMfbANoQQKTLJc2GaIwWYR24xCnN2DDrwhV9T4yBw_azjJxdO8P_IqfPYVj7x_0OnmPi46SiC6v9btYHH8zmmm2k1TnMnAIEt2cL6sdclwE44JXkiZJ6V8CosQbhFjzR7M929BC1anjdc4KjNe1-5ptQFi0Z1EfHM8_AZwvmx1wDrfm13AEe11kRAQmBCIsQpx9SvbJRGPg7PMmklYue6XRGnLsLYUAdajn7aJ0zDs7CugI646wKyLlcwijwNsySSd2mGbOOQbRXlC7wNf_-joUoShWKDSOfvMCig40dcuh-gSSeEOyxG9WbSJFqabwM-mSoWvHRq-hsN4POxMh0DkPh_kpdunoYryWVskGRbAOyKE1fMBhfLCLmy9s9iakmOPe_nS1JStBreousylgMYBSD9LYISlLk7ttQ43pm012zsT1Zdv36tjqsQ_NkSGMddkQNmskcsTflbL4Quhese6_Ibx2xAxEpB48x8aIMXJtW7OiGBFollCdPW12v-jAIHTp2KkYLPD0MEm0ymA_yDpIv5RbQK_2hL5fWOguXiOTdk3dGuh_I7MmkejovstarXRnxsuIqBI1R-CQ7zzfJrBaaK7qL4rZA_CyCMAWWh390T-2rppzXO_V7qnBnWN2ciiANs2ltTWDoX0dMUtDsKPQG2wl7dLmTPeYah_-IuI6K3D6-Ewf0ic_qcdQtbgT2dPkkEaBoHiokHjUtL5U4TEldAAUJgS7CGvUAGYLCzWHeYeCE0lx3Dwp7iaTw8GgF5OXOqGcvuexeZJmmNc0IeFdVaoarB0e50FQIe4Gac0YADFV5FrFQrdVgIDCoSbb5TKRR4Rii2-H93snGMdhlxev737RFfHvXJdOwYn4zqk9Hb2xyAXRQPXuLXJ49dLdsGi9MJ8QZREQJLCVClVlYexduZzx4dPrS5mf1Vi3tUvPCuKbgMZ-pYFIuHcL5Fiw8UK75Zi8fRv1G5p3syO4Usd-RK1H_JwnC6Kw82B09opY1Dda5s4xgoFRyshARWr1rGnNFXDlPOyZBettXksWOaB6lEuGZZsnsRaiuno-CmHl7Jk6mxOMSJ3rPSk6mvABjS4s1L5bRvfRhNyYMKvZt4LJkA8o7_Tj05C4pP8pGXVaKTtRlgH-kNBVYgnElwGca8MYRf_jXwW7FUat671iU13iuHtzNUrDE1BdTSTctqenkrg9ze2ReZit6TOSiYMnrVMsV9rLPq6tb6yM-CradCDwgDxDiOug7FQr0xgUiV44IqHaSWbnOXTZW6vxFKMYy0lEufBNnaj-pksyJKqDcl2osMt8Zm54KafpL2Xmk_O5iA3Q08Od9ptHdMNrtt9HIBeRBh4QD__v8pjseiVXmdRjXDH6iJ9BQ69kSmn7EVGwfgenSB2hfcGs7meBTgAlKRDRsbtSsOUr00Q3CfwKNiti3fYHFlAFYcCaubPUZkUE2yVpEmFHzJU5P0y1QD66ggpEbcc2iG7fFHzRd2M4GHsTcZacBg6Oyacug3iccIZYcx5SOjQzLIIqJPYxkwwfKfBzyGxQI1Cs_v0AwPf9cB2uZ-C9rj5Zqx5ZhisGC9YrcDiLbJLJUO7fYfVvQr-3zhTGWkVDGN0XjjpPfjMBkhaL3Zuv204Db78eaNZG9m3ml-pLIHC16852rXytTz-K2SkSft8gefyA2oR7fJ6D8iEvj2KqbpkWsfQ7S7oWlOP7fGhhpjO0vwlwa2RR6l62Qbwc6MoldZW29j5OtvOBDV75NEiVEUH1CsBVv_f9zrWxikkA0crH8pRJs9PkL5HSetM8T4bYKet7C4Dn41VKEYAle6Pkwzpqhqge_jvvwpfwKcpwYcA9Swxev6wukyPQk7HTfBcZutyAC_5s9wiJVfFuVCAPEozZB6U5IM8ZfkBfTCDUS54cCzW5ktELjjjIUGvaTlX7IvsX_LuoJcAnpZfXMMQCDqJ7GG0hjV74_G5ZchTy-GRfjYi8uxQCu-iZaT94khPcPE5bh4rRPc2ugkdPa_n6LNLVSvwPyJvZbIQLmDFoEAfjsTODUXeOY7X8vVXw-ECrEUNIgcGVKbJHLx_jBtYGlaP116gyy045RYbzlJOzC_UT1pziy9D3EFEun7iKZluG3PK5_QRVrDSmr-YzDPGiopNK1NGLuPLqBoI_zns1W4EoBhx_CLp2ULivZ01mO0F4pI6Z9hloH7z2M2QSEBUSWUM6R-WwYFf2MevBfvl5a2NwticxiFGTIDrEJufbdL-NCfdgGGZdieyJDq7cu7zf-a1RMlUDoRK6mNTwtGZJmuwH6-Yb3oaS7XEqLSLjP4GCOZLOMrabTiY-HYffAnYyPUisd2fce_dPBfxctpDG2t5NVIU1fDGbTSK39vTeER3kYGxkh0jEHwHh2mLHL1QtoVyxiIwQ3WPMFymlQ&cid=CAQSPADICaaNtMPOUdViBXd7dkjNdnMooSUv2z5vkl6A6eHWgG_6LvZaE-C3tcyPyNZ0KDNLq52vs6bW6I_itRgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=15595957837707618000&adk=3676778483&idt=136&cac=0&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
183355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame E97D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzkC-ykEZZa2UJOqv1fAPjYiXyAGRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEkAJP0Luo66116RbKCocnha6JaUzPVVIa8p3OV57KzLTHpUhVE9LQ1EtnsNyOukr4My7TEc80vkDRUUm228LVTj9C-y5oTA_9CVt1rRcq0Ia1ZC-lgDz6YW3UmumoVQyyE0XXnIhkI3iZ4TDesDdo-cF3pYI38zBGo5qbshZPrDgfNIDqcKT8W4d9Hfo3fkt0Iu7h5f6L904408fYfsJWxKkzY1t31vxPjSfWVQ8XCJard1Ij9UYCPpN32C780ega21ZtlzuZbhkXfUsybi6IjysIdD4mN1uqgAaMX5MlB09D_q8kVZI3fkYshOhecZL3LDEVo7qZeMWCCbwmhsyteyPIgiiIMx_-1mGlZvCruOOUL8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIraGWocrUgQMV6lcVCB0NxAUZEAEYASAAEgIIIfD_BwE%26num%3D1%26cid%3DCAQSPADICaaNtMPOUdViBXd7dkjNdnMooSUv2z5vkl6A6eHWgG_6LvZaE-C3tcyPyNZ0KDNLq52vs6bW6I_itRgB%26sig%3DAOD64_0SA5Z-WvdqObRLrLnZIFOFP5hFMw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DNZVdBqyZ2DfBd9i1RLjAUV0UpdbmDHXn3YGQFf8JZe4z1lo1zfHUWaVZbgK2CoxLyQ3pJx61CrIKkXY0o8FwDoUQ02uHExRQpPro88BUGpv6HPYw_2aoYDfPuJxRsGI2Yp_3pHqzQXBTRCVUfHEZLrCCGvL58-EzZmQDSe-Pa6N3ztd0%26cry%3D1%26dbm_d%3DAKAmf-DKLze8ErULLEhWrrdkKQ-R54UoXGt_1IXEJxETXVMjGJfEa8DXq6W5KPEf7hUM7rhiJWS6P8XielUVmXrWVxyW4NtaA93RQj-Q0yd0VFc6hJ0O_oQl-HGF7spBAMO9nX8jt2Fuw5Iw1-f0nK_PnQqWHwnRjgEznSym20qf2E3PutBMWRyucWn9I4QzuwFLWf7PR0vjt48N9OHv00d9ExYgJQNWYFJGyNM3OsRVdP0hwOBy72NuCJGujU9gSdOhH_xIUonu-TLPWgPV7LyxYG4A9o2Okqo6q8uo0nViDVycPL0vcQu19arHd3iwa9E3svBXvCdxZ4A78JtYMHbOR_xKprBfZ3PSNMvNBszVVz1c-5pyPbi1LShlRTbw6FpJmfX37Bt0v9S3M-BJvNZIuucwAwmi7NWwzQHDQx3NbhTX4U5dC_Rxb1514NtYkKwnDFeVaKCx_Z_8YdWlf2IlDbvqdVA8xJS6GrlysEnkYKIS0RZ03g1QRNIIZLMjklSK0O6_jAgqsrMXe0D7HJsB8aE57qkERaN9VK1tAn75QbqSgAz0Y8uiMuDG5b4ZLVVbz8FqHVhlbieAt8ObFcLhGYICZ9XCF-nAAN9teMmo5JgVAwZ-F8ZHq0W6np3PJoLsp-9vKL2qPT3CYlP30w0eUlWLzqS_Hw%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
5a4667671f2519311d4d65e49dba3f85ee7cb20e78751c14c456886c68f634d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:19 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4295
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6220 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
573789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Sep 2023 18:31:10 GMT
expires
Mon, 23 Sep 2024 18:31:10 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 37DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309270101&jk=3558447428317118&bg=!o6CloO_NAAYEJRtnJCU7ADQBe5WfOBMNdw7DrquM8FQFV_7VkwegZxpwmgm8L6GEliwkigJeaWDotOb5lc-Eq5H8YUnKAgAAAJZSAAAABmgBB5kCy4L5AMs7391f7w8ZbNZyqvy5aDhiMgEIRPFqLRHJZvIioFkrBnk6-JAfkXE0qS9CJbGP08j09X-HoSUqGTSw88Svmk8Ao7Yf3L6Y9bo4xdzlcWqv82fhexagg3Hqqq2BntvFuBFyswifjzTXpVdaOsCTUHzmI19nVXv-kSdnkuiFmiYqa5-dsy7xQvy76TBuaaKWT2XDHIShME_vHhrqzLJ0_9j3yPNeqqc3v-uA3c-I4XU6bnFLGseK0V517MddjkQZnnWhSOI9rV0-1mywCnDv9dkDMAf0bxwVo3tS5rlClS9B0wER8F3ENhcaRNHjFpFQZjtCbZkLGhpcvayKOa2Q1hGduPRqG_hyGo8jXm34c1HoFBN0kURRCdxjUTBWO1evRUz2KukQpxCq6WmDugYudnsUIHEsqMBdZrzHQ0fokjGVb6NpQJ1sQq_BF_FO0wHPu8XBY4X5I9R0QfXxpF1VrO_sn6aw2ZxUEB2Bb69AMJJ2AWYKKXQMMU0AJTUdpaJsnZBONZESGxPHpLhV_JluwLSt4rBYYNa6naOUkYrqkeOwN5kux8FWz_RgR8BD3yK9WArJnIjjZbMDQBk68-_3SeNbE3cN2exab7OtqamDAmwFt5jNdapA9OkLfGp1wNcMvkujafaX64LAhoTnoOs7bd4_eqLcJvXM05lSE1S-4PqFT4aQZBvSiVBn6EJU04NSkiE8GkSCG5v6qOR9OLf6lD6yhD6cHdWSqzg-b83dVHGrz7SU3LmcoQm8FVciYjUjyMOUMoTmezROLDtc8xz_K6oXmgw9upGgYppw7RQ2MtD0njnZ8clRkxoQ1iFHepgVHgwLi8ROXj4f1Jgid3bo2fzK_cg_ZvtN1sMrwMfqgFXvjyHu58vGKpbsM8D1mPsyFhnc-ojULnwgb1jfdqZgkzOLeBIiVv36OsGc6ZiNsNF3D-ZojYAqP7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
pagead2.googlesyndication.com/bg/ Frame 6220 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
396967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14820
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:12 GMT
request.php
hal900026.redintelligence.net/ Frame E97D 		613 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=f01ef31cdb&subid=&uid=f029c43fa1c0bdbb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzkC-ykEZZa2UJOqv1fAPjYiXyAGRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEkAJP0Luo66116RbKCocnha6JaUzPVVIa8p3OV57KzLTHpUhVE9LQ1EtnsNyOukr4My7TEc80vkDRUUm228LVTj9C-y5oTA_9CVt1rRcq0Ia1ZC-lgDz6YW3UmumoVQyyE0XXnIhkI3iZ4TDesDdo-cF3pYI38zBGo5qbshZPrDgfNIDqcKT8W4d9Hfo3fkt0Iu7h5f6L904408fYfsJWxKkzY1t31vxPjSfWVQ8XCJard1Ij9UYCPpN32C780ega21ZtlzuZbhkXfUsybi6IjysIdD4mN1uqgAaMX5MlB09D_q8kVZI3fkYshOhecZL3LDEVo7qZeMWCCbwmhsyteyPIgiiIMx_-1mGlZvCruOOUL8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIraGWocrUgQMV6lcVCB0NxAUZEAEYASAAEgIIIfD_BwE%26num%3D1%26cid%3DCAQSPADICaaNtMPOUdViBXd7dkjNdnMooSUv2z5vkl6A6eHWgG_6LvZaE-C3tcyPyNZ0KDNLq52vs6bW6I_itRgB%26sig%3DAOD64_0SA5Z-WvdqObRLrLnZIFOFP5hFMw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DNZVdBqyZ2DfBd9i1RLjAUV0UpdbmDHXn3YGQFf8JZe4z1lo1zfHUWaVZbgK2CoxLyQ3pJx61CrIKkXY0o8FwDoUQ02uHExRQpPro88BUGpv6HPYw_2aoYDfPuJxRsGI2Yp_3pHqzQXBTRCVUfHEZLrCCGvL58-EzZmQDSe-Pa6N3ztd0%26cry%3D1%26dbm_d%3DAKAmf-DKLze8ErULLEhWrrdkKQ-R54UoXGt_1IXEJxETXVMjGJfEa8DXq6W5KPEf7hUM7rhiJWS6P8XielUVmXrWVxyW4NtaA93RQj-Q0yd0VFc6hJ0O_oQl-HGF7spBAMO9nX8jt2Fuw5Iw1-f0nK_PnQqWHwnRjgEznSym20qf2E3PutBMWRyucWn9I4QzuwFLWf7PR0vjt48N9OHv00d9ExYgJQNWYFJGyNM3OsRVdP0hwOBy72NuCJGujU9gSdOhH_xIUonu-TLPWgPV7LyxYG4A9o2Okqo6q8uo0nViDVycPL0vcQu19arHd3iwa9E3svBXvCdxZ4A78JtYMHbOR_xKprBfZ3PSNMvNBszVVz1c-5pyPbi1LShlRTbw6FpJmfX37Bt0v9S3M-BJvNZIuucwAwmi7NWwzQHDQx3NbhTX4U5dC_Rxb1514NtYkKwnDFeVaKCx_Z_8YdWlf2IlDbvqdVA8xJS6GrlysEnkYKIS0RZ03g1QRNIIZLMjklSK0O6_jAgqsrMXe0D7HJsB8aE57qkERaN9VK1tAn75QbqSgAz0Y8uiMuDG5b4ZLVVbz8FqHVhlbieAt8ObFcLhGYICZ9XCF-nAAN9teMmo5JgVAwZ-F8ZHq0W6np3PJoLsp-9vKL2qPT3CYlP30w0eUlWLzqS_Hw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6795182975263&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzkC-ykEZZa2UJOqv1fAPjYiXyAGRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEkAJP0Luo66116RbKCocnha6JaUzPVVIa8p3OV57KzLTHpUhVE9LQ1EtnsNyOukr4My7TEc80vkDRUUm228LVTj9C-y5oTA_9CVt1rRcq0Ia1ZC-lgDz6YW3UmumoVQyyE0XXnIhkI3iZ4TDesDdo-cF3pYI38zBGo5qbshZPrDgfNIDqcKT8W4d9Hfo3fkt0Iu7h5f6L904408fYfsJWxKkzY1t31vxPjSfWVQ8XCJard1Ij9UYCPpN32C780ega21ZtlzuZbhkXfUsybi6IjysIdD4mN1uqgAaMX5MlB09D_q8kVZI3fkYshOhecZL3LDEVo7qZeMWCCbwmhsyteyPIgiiIMx_-1mGlZvCruOOUL8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIraGWocrUgQMV6lcVCB0NxAUZEAEYASAAEgIIIfD_BwE%26num%3D1%26cid%3DCAQSPADICaaNtMPOUdViBXd7dkjNdnMooSUv2z5vkl6A6eHWgG_6LvZaE-C3tcyPyNZ0KDNLq52vs6bW6I_itRgB%26sig%3DAOD64_0SA5Z-WvdqObRLrLnZIFOFP5hFMw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DNZVdBqyZ2DfBd9i1RLjAUV0UpdbmDHXn3YGQFf8JZe4z1lo1zfHUWaVZbgK2CoxLyQ3pJx61CrIKkXY0o8FwDoUQ02uHExRQpPro88BUGpv6HPYw_2aoYDfPuJxRsGI2Yp_3pHqzQXBTRCVUfHEZLrCCGvL58-EzZmQDSe-Pa6N3ztd0%26cry%3D1%26dbm_d%3DAKAmf-DKLze8ErULLEhWrrdkKQ-R54UoXGt_1IXEJxETXVMjGJfEa8DXq6W5KPEf7hUM7rhiJWS6P8XielUVmXrWVxyW4NtaA93RQj-Q0yd0VFc6hJ0O_oQl-HGF7spBAMO9nX8jt2Fuw5Iw1-f0nK_PnQqWHwnRjgEznSym20qf2E3PutBMWRyucWn9I4QzuwFLWf7PR0vjt48N9OHv00d9ExYgJQNWYFJGyNM3OsRVdP0hwOBy72NuCJGujU9gSdOhH_xIUonu-TLPWgPV7LyxYG4A9o2Okqo6q8uo0nViDVycPL0vcQu19arHd3iwa9E3svBXvCdxZ4A78JtYMHbOR_xKprBfZ3PSNMvNBszVVz1c-5pyPbi1LShlRTbw6FpJmfX37Bt0v9S3M-BJvNZIuucwAwmi7NWwzQHDQx3NbhTX4U5dC_Rxb1514NtYkKwnDFeVaKCx_Z_8YdWlf2IlDbvqdVA8xJS6GrlysEnkYKIS0RZ03g1QRNIIZLMjklSK0O6_jAgqsrMXe0D7HJsB8aE57qkERaN9VK1tAn75QbqSgAz0Y8uiMuDG5b4ZLVVbz8FqHVhlbieAt8ObFcLhGYICZ9XCF-nAAN9teMmo5JgVAwZ-F8ZHq0W6np3PJoLsp-9vKL2qPT3CYlP30w0eUlWLzqS_Hw%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
43b0d8b45412dd1ea7abbc908100165b57b889020dee801a7b93ada264fd7a89

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
82412900038822104438458012464026
Connection
close
Content-Length
331
Expires
Sun, 01 Oct 2023 10:54:19 +0200
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Oct 2023 09:54:19 GMT
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-654
cdn-cachedat
07/19/2023 19:53:42
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
0922f234357c8450fd3a992f4f658a21
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6220 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfWKJy0EZZY-wI8v3x_APza2AwAUAAAAAOAHgBAI&bg=!m5ilmNfNAAZN1Q_XbdU7ADQBe5WfOE3JFaall3J-GOCJdcS3dcWl2vSuTqNECTPJOHyWvAQZoDK01wVRZJ3eqIJh7tjWAgAAAFFSAAAAB2gBBwoAbvm-WNI3c7wdstxfxf3EZ8GxG3IzPCHVKzi6Vai1TOP32EE7aX_TQSBhlkfF2HjH6hcTPdAf46pVT2R9Y1Lgpq10RHf5eMZ2pZ75CmvfnWQ07ytWUzhgrr053pBSjVnSsI9MtwuukcjYTDEkn6ttmQLjepiIuPNHA6o73dANvC7rVEtd8pNBIXgPPWGveBa-bjzcRW5MS26Km8n4lnvwOWWaqrLa37r-wEKxWuxRV0VQw2TbNU0szLtf7QE4E4ql8or3vXHr893BgCadt-p-qZQGss3L45Xxy2bj2z13fcfAIq-EASgGDhCpQbAU-GzGmHDNM8hDUR7I8K8M1jkveRqrYjdBho8LtIBgBICgf8AoH2X9rRSkfC7z1iNyfphVMS2w8swePqJQUUNoWi8SH_Z-Ss87vA0gCzpNWFJqfBciD8YhIzsqncNC17AmlOD1cHhZ2uARg1fTAlDOSQkRFY99SoNj9ea8k3NLsSvYQ-3QyIQdle1Qndfi3mlYYHKGva3-9bRohn949InwDoUoWRQwffVv2EzBWJ4i6IsiNbEwooGlgicDj5EfRH5pv8_R8xhjqVd-K_acEkJc6Gc69rkTcWhBJMgdTiUSWVqfkJTMQ5GoMiVYHt_qj0bZlvHNY-vXUcWK2lKIJ4ePXmasmBl6ak7cGAHdye4xhQRKqNiuwvNM4pCGuDr0SrCIuRnwFVtGurlcBYB3NZ3Rhrsi6nKp2h04WEELLMXzIO6GOYLJWJeewVvEEP63xK41ZnZK7rt0nAyRDPI_1gvQzP-48J58hwXkLb1isos3JRgnsJKrcvQmmMjgtCj8lTMuF_7xs1t3Pd5Dh7KELNJ-KqS8AzxhN6smnmd3pI8uliu2IuLhdBq89yt6mY5ZO8_qEbc4gfJLAZzWYFbdJ2InOsB9JAIMfAgexaq2w6a2o84ofHuYo_tNMGXu5TP7GdiyJYp5V1XNUATpvak19wpucZo8CXy08bezKjEneslDH1WsUKuf9MZ7XcpVvW9O6_AzeroaUQYfMb2EGPAStrswsgYyLa0gqxI-p7dyP4UK9RoufB1rCp8lh2iCOYrVt39TURe8eYs2VAs6wwk3vBK8GMmPszRN2Rtu0Gjz7xG1rMOqP-Dx6Oo3yA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
29dcc97bc362ebb12f32d22b93691041
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
request_content.php
hal900026.redintelligence.net/ Frame 180A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=82412900038822104438458012464026&a=9bf994d6
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=f01ef31cdb&subid=&uid=f029c43fa1c0bdbb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzkC-ykEZZa2UJOqv1fAPjYiXyAGRwdCbafvwg5LcD_AuEAEg0syBGmD1lc6B4ATIAQmpAuZOUjkYvbE-qAMByAObBKoEkAJP0Luo66116RbKCocnha6JaUzPVVIa8p3OV57KzLTHpUhVE9LQ1EtnsNyOukr4My7TEc80vkDRUUm228LVTj9C-y5oTA_9CVt1rRcq0Ia1ZC-lgDz6YW3UmumoVQyyE0XXnIhkI3iZ4TDesDdo-cF3pYI38zBGo5qbshZPrDgfNIDqcKT8W4d9Hfo3fkt0Iu7h5f6L904408fYfsJWxKkzY1t31vxPjSfWVQ8XCJard1Ij9UYCPpN32C780ega21ZtlzuZbhkXfUsybi6IjysIdD4mN1uqgAaMX5MlB09D_q8kVZI3fkYshOhecZL3LDEVo7qZeMWCCbwmhsyteyPIgiiIMx_-1mGlZvCruOOUL8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSMgNAbATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIraGWocrUgQMV6lcVCB0NxAUZEAEYASAAEgIIIfD_BwE%26num%3D1%26cid%3DCAQSPADICaaNtMPOUdViBXd7dkjNdnMooSUv2z5vkl6A6eHWgG_6LvZaE-C3tcyPyNZ0KDNLq52vs6bW6I_itRgB%26sig%3DAOD64_0SA5Z-WvdqObRLrLnZIFOFP5hFMw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-DNZVdBqyZ2DfBd9i1RLjAUV0UpdbmDHXn3YGQFf8JZe4z1lo1zfHUWaVZbgK2CoxLyQ3pJx61CrIKkXY0o8FwDoUQ02uHExRQpPro88BUGpv6HPYw_2aoYDfPuJxRsGI2Yp_3pHqzQXBTRCVUfHEZLrCCGvL58-EzZmQDSe-Pa6N3ztd0%26cry%3D1%26dbm_d%3DAKAmf-DKLze8ErULLEhWrrdkKQ-R54UoXGt_1IXEJxETXVMjGJfEa8DXq6W5KPEf7hUM7rhiJWS6P8XielUVmXrWVxyW4NtaA93RQj-Q0yd0VFc6hJ0O_oQl-HGF7spBAMO9nX8jt2Fuw5Iw1-f0nK_PnQqWHwnRjgEznSym20qf2E3PutBMWRyucWn9I4QzuwFLWf7PR0vjt48N9OHv00d9ExYgJQNWYFJGyNM3OsRVdP0hwOBy72NuCJGujU9gSdOhH_xIUonu-TLPWgPV7LyxYG4A9o2Okqo6q8uo0nViDVycPL0vcQu19arHd3iwa9E3svBXvCdxZ4A78JtYMHbOR_xKprBfZ3PSNMvNBszVVz1c-5pyPbi1LShlRTbw6FpJmfX37Bt0v9S3M-BJvNZIuucwAwmi7NWwzQHDQx3NbhTX4U5dC_Rxb1514NtYkKwnDFeVaKCx_Z_8YdWlf2IlDbvqdVA8xJS6GrlysEnkYKIS0RZ03g1QRNIIZLMjklSK0O6_jAgqsrMXe0D7HJsB8aE57qkERaN9VK1tAn75QbqSgAz0Y8uiMuDG5b4ZLVVbz8FqHVhlbieAt8ObFcLhGYICZ9XCF-nAAN9teMmo5JgVAwZ-F8ZHq0W6np3PJoLsp-9vKL2qPT3CYlP30w0eUlWLzqS_Hw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6795182975263&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
db0c389727869d191dd14654439c1a1e7ec177a45c1ae3a4fabe949ac6f33694

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1414
Content-Type
text/html; charset=utf-8
Date
Sun, 01 Oct 2023 09:54:19 GMT
Expires
Sun, 01 Oct 2023 10:54:19 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AD36 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
7134
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Mon, 02 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E97D 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bc6c7d97d90fadf832441b3ed00a3750abb16904e24be0e4d53a5652ad5997e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame D75A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCz3_r7_hf1lW_cCwh8Ja0XCPCelP3KSGgu0Tr78azFs3CCvEc06pJnYvVNCQ0Y0eBshTPy6tuz7CNcA_wE3VcCOoW4yyjTvQMB7UjYpE_7gYRuVmsMA7bnh0PwuLm&sig=Cg0ArKJSzI9ErKqBxp_EEAE&id=lidar2&mcvt=1011&p=60,236,150,964&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230927&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696154058287&rpt=593&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame BF9B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:19 GMT
server
Kestrel
server-processing-duration-in-ticks
772225
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 02 Oct 2023 09:54:20 GMT
pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDitj-kjvtrKRrg7dlr7JUo&google_cver=1&google_push=AXcoOmQpJwWxiIf2ijUKfcRSfDAI0Ig63Br0SBu61V8ze-kgidE69AJ...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=4ca2bcc82d3715b4&is_secure=true&networkId=14000&version=1&google_gid=CAESEDitj-kjvtrKRrg7dlr7JUo&google_cver=1&google_push=AXcoOmQpJwWx...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHyc8EHHsgmQNfXCgIAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDitj-kjvtrKRrg7dlr7J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHyc8EHHsgmQNfXCgIAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDitj-kjvtrKRrg7dlr7JUo&google_push=AXcoOmQpJwWxiIf2ijUKfcRSfDAI0Ig63Br0SBu61V8ze-kgidE69AJA7Y-A645h6Sl-ZP63q3Tm6Vr8J9P6VmuV7oRuAUJWu3g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHyc8EHHsgmQNfXCgIAAAAAAA&expiration=1696240459&google_cver=1&is_secure=true&google_gid=CAESEDitj-kjvtrKRrg7dlr7JUo&google_push=AXcoOmQpJwWxiIf2ijUKfcRSfDAI0Ig63Br0SBu61V8ze-kgidE69AJA7Y-A645h6Sl-ZP63q3Tm6Vr8J9P6VmuV7oRuAUJWu3g
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPx1fUh2vNxV--eByFkHIGs&google_cver=1&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPx1fUh2vNxV--eByFkHIGs&google_cver=1&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_wy3ZZ-55OM&google_hm=HaZyvGZHzu9H2AHGSUuXnlbK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_wy3ZZ-55OM&google_hm=HaZyvGZHzu9H2AHGSUuXnlbK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 01 Oct 2023 09:54:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQnB5yr51FY5VzbP1gMZBXsOCQZFTsef91yjTa2hTstxwA9PWLtfW89jvHa6ekSeYuPbZPeaQDj_renHHS9_wy3ZZ-55OM&google_hm=HaZyvGZHzu9H2AHGSUuXnlbK
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDFNvKmA9sXtjTg7eVtLWc0&google_cver=1&google_push=AXcoOmRCcEcUcVWPv95L32eM_FwOLn6hAhOXf4txDUR6FpqD8RMjWM06gEG-1NSFYz4X60PL0QgTB1FpY8td...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRCcEcUcVWPv95L32eM_FwOLn6hAhOXf4txDUR6FpqD8RMjWM06gEG-1NSFYz4X60PL0QgTB1FpY8tdsnyfp4tsHkivDw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRCcEcUcVWPv95L32eM_FwOLn6hAhOXf4txDUR6FpqD8RMjWM06gEG-1NSFYz4X60PL0QgTB1FpY8tdsnyfp4tsHkivDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRCcEcUcVWPv95L32eM_FwOLn6hAhOXf4txDUR6FpqD8RMjWM06gEG-1NSFYz4X60PL0QgTB1FpY8tdsnyfp4tsHkivDw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKqgpBjJp9DD_kQxXpJ0BNQ&google_cver=1&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RLlhEX_TdZIk-DD16K2IcIUqgS3A6NOuFs3TE
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RLlhEX_TdZIk-DD16K2IcIUqgS3A6NOuFs3TE...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA0Mjc1MDU4NDIyMjg0NDU0NTM2&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA0Mjc1MDU4NDIyMjg0NDU0NTM2&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RLlhEX_TdZIk-DD16K2IcIUqgS3A6NOuFs3TE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA0Mjc1MDU4NDIyMjg0NDU0NTM2&google_push=AXcoOmSxnp4R9xITmWiYh6dhi4TCLmJY7i_0GXU0X556YizDLfVvPaEqsRu-H9RLlhEX_TdZIk-DD16K2IcIUqgS3A6NOuFs3TE
date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMtaWNuKCXVpgWHD-UwAtvM&google_cver=1&google_push=AXcoOmT8AafuRlSOf4fTm9cCb2VNZt7yhGkEdHKxQ1YUBZ3Zrm3i4kf4YPUymcZ87ZsdQiLpw7c2h9mlEp8rcKRRW_Flr7aOAsU
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&mn_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmT8AafuRlSOf4fTm9cCb2VNZt7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&mn_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmT8AafuRlSOf4fTm9cCb2VNZt7yhGkEdHKxQ1YUBZ3Zrm3i4kf4YPUymcZ87ZsdQiLpw7c2h9mlEp8rcKRRW_Flr7aOAsU&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:20 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&mn_hm=MzM5MTU1NjYwMTgxNTcwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmT8AafuRlSOf4fTm9cCb2VNZt7yhGkEdHKxQ1YUBZ3Zrm3i4kf4YPUymcZ87ZsdQiLpw7c2h9mlEp8rcKRRW_Flr7aOAsU&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 01 Oct 2023 09:54:20 GMT
pixel
cm.g.doubleclick.net/ Frame AD36
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEAolx4V-mzF2RamLXaV-Aw&google_cver=1&google_push=AXcoOmR7qaZn3kctX1wRYbdZYhoGpirIJUFZW6z2CrgBEgmEkLytFf3MXn1QS27lkWBli4r28p54r-z0IeQqmq7qq86oWzQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qaZn3kctX1wRYbdZYhoGpirIJUFZW6z2CrgBEgmEkLytFf3MXn1QS27lkWBli4r28p54r-z0IeQqmq7qq86oWzQHvKlj&google_hm=Mjk1ODA1OTM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qaZn3kctX1wRYbdZYhoGpirIJUFZW6z2CrgBEgmEkLytFf3MXn1QS27lkWBli4r28p54r-z0IeQqmq7qq86oWzQHvKlj&google_hm=Mjk1ODA1OTM0MTIwNjAyMzcw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR7qaZn3kctX1wRYbdZYhoGpirIJUFZW6z2CrgBEgmEkLytFf3MXn1QS27lkWBli4r28p54r-z0IeQqmq7qq86oWzQHvKlj&google_hm=Mjk1ODA1OTM0MTIwNjAyMzcw
Date
Sun, 01 Oct 2023 09:54:20 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
report
sync.teads.tv/um/ Frame AD36
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBEMVVTSolNH...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGI2NDU3ZTUtM2Q1NS00MWEzLThmYTYtNGJhYzljNTk2MDhk&google_push=AXcoOmSZpL-1dSbM-lRsaYMofxoiDI2seKmVSB1e3aP8NFcNfiJJHP_CxaflN-gp-XezF...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 01 Oct 2023 09:54:20 GMT
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AD36 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6y8S3TXLuYMb-MZqW0OCW9q08tzSXLU0OmQ0bCajieAjyXWBunAUpQ6UfrGFzm2NCTPgxooQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696146858&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696154057947&bpp=156&bdt=667&idt=599&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dcdfb3616257d7050%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_MYZsjJs954Um4yU66Ut8AfQMcE0aw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=7766959942343&frm=23&ife=1&pv=2&ga_vid=1391071136.1696154057&ga_sid=1696154059&ga_hid=1835355114&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4448&biw=1600&bih=1200&isw=336&ish=280&ifk=3189101564&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31077328%2C31078144%2C42532402%2C44803794%2C44769661%2C31078216&oid=2&pvsid=3526068050715173&tmod=911301377&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sceovouio13z&btvi=1&fsb=1&dtd=611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:19 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
61c4aee03d647db5ce62cac1bbdecf9d
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 180A 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=82412900038822104438458012464026&a=9bf994d6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:20 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:51 GMT
Server
nginx
ETag
"5b55f217-1348d"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
78989
viewability
hal900026.redintelligence.net/ Frame 180A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=82412900038822104438458012464026&a=04ac1a7f&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=82412900038822104438458012464026&a=9bf994d6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=82412900038822104438458012464026&a=9bf994d6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:20 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 180A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sid
mug.criteo.com/ Frame BF9B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=qGiJH3xBa3VBZmlhaU9PQkVORmRVTlAzcTNkT29ucFFsMlhuMUovbmtrL05kbnMyMHlZL0N4dFNCbUU4dnVSYytEL0xkbFpsWnhOY2RiOFhvYnI2bXNrQ29qUU51TlF4MzczdGM0b0pOQXdtd2pVOGtyUkh3eHg4M25zOW...
427 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qGiJH3xBa3VBZmlhaU9PQkVORmRVTlAzcTNkT29ucFFsMlhuMUovbmtrL05kbnMyMHlZL0N4dFNCbUU4dnVSYytEL0xkbFpsWnhOY2RiOFhvYnI2bXNrQ29qUU51TlF4MzczdGM0b0pOQXdtd2pVOGtyUkh3eHg4M25zOWZiMkxwOTd1Tmc3RFV0QUdzMGE4NnRZcXhKcjRLUWtSZXJoSnZmTGlXM0lWVGVlWHl4UzRISzBmRWNtek5Ib3g1L3dFY3pZODN5WCsramVpcGtCcUJZMDBIUzRyb3diVENiWFFId2NtQkJaRWJqNjY4OEFrVE9NSUM4OWNLZUdPNXpzNVRXb040a0NERkxFcmNhOVM3a1JtbUV6UHJaUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
663c805bbf4171bf0a11196eeb5663b37d3c81cf773900cfabc4b307f0fcaa1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
838460
expires
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qGiJH3xBa3VBZmlhaU9PQkVORmRVTlAzcTNkT29ucFFsMlhuMUovbmtrL05kbnMyMHlZL0N4dFNCbUU4dnVSYytEL0xkbFpsWnhOY2RiOFhvYnI2bXNrQ29qUU51TlF4MzczdGM0b0pOQXdtd2pVOGtyUkh3eHg4M25zOWZiMkxwOTd1Tmc3RFV0QUdzMGE4NnRZcXhKcjRLUWtSZXJoSnZmTGlXM0lWVGVlWHl4UzRISzBmRWNtek5Ib3g1L3dFY3pZODN5WCsramVpcGtCcUJZMDBIUzRyb3diVENiWFFId2NtQkJaRWJqNjY4OEFrVE9NSUM4OWNLZUdPNXpzNVRXb040a0NERkxFcmNhOVM3a1JtbUV6UHJaUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
261437
content-length
0
expires
0
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-197
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
3f39fc31a537a58c27638491c766a8ec
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=visible-1&pid=169092&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&pfid=42&piv=34&env=js-web&ut=1&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&sid=192517&scid=7024&pscid=20204&psid=415253&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&p=-tFFZZHPT9yzkUZpxykmlcV_eckyTazVL-KjL34FCoRX9w&cts=1696154057594&cs=-402791019780396078405&1696154057594&slot=native&fv=1262&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
351 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-169
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
98e6c89b6db24aa86cc11f672a07349c
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/getconfig/ Frame 304D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae9f324d6761e247bf6afddd903ac98c3723814eee5626b7827e2c7438ace35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12180
x-xss-protection
0
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ce568bafcbad50909ba6a06c2d5e0f69
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 304D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 Oct 2023 09:54:20 GMT
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-680
cdn-cachedat
08/15/2023 14:35:15
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
211ced15a26dadb79d07988aa1ae6c02
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A936 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
52038
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Sep 2023 19:27:02 GMT
expires
Sun, 29 Sep 2024 19:27:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DA7D 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06c8fdb5d3045a132027a555e625a11f9a42bc225e93347ef645ee5beabb405a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9NsDVRNVZF3jOsTTBkySTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9NsDVRNVZF3jOsTTBkySTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:20 GMT
expires
Sun, 01 Oct 2023 09:54:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame A936 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
171296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 10:19:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DA7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=3526068050715173&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A936 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FssjpQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 327F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2pR-t1cDCrSePT9jBr4jQw0CxaaF63JtpOXD0vmibs4yjxlf8wp_N9CBl2kii-v6lo8uo8NsPrea0hBIUR9RhDk76mg1lcdnVdz000iTD8KUkkfqag4sf35I7SRuN&sai=AMfl-YQ-W_npj3_yhkg-VCcIYhSNZ8lB4Dlu8Kx59nF4YlBIZC57iMaL6eyq8HLWUjR-_wD4r2luMw57-3F058kAUiTqDJ-qaAi9xlptlhFHc3oSHaWQB7_szu4b5Hgv&sig=Cg0ArKJSzGLxF0EtopWtEAE&cid=CAQSPADICaaN0hRPN6q2HSyn1PcoBNpS8sPlCaebxf8aBBf1VmQoMJRBsKPjNEKpKLJi4m4AA21l9ImlGIIQwhgB&id=lidar2&mcvt=1000&p=1110,650,1185,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696154058300&rpt=1143&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900016.redintelligence.net/ Frame 9B9D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=42971800037452204438446012464016&a=aac00ce3&vb=v
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=42971800037452204438446012464016&a=0c3b7079
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=42971800037452204438446012464016&a=0c3b7079
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:20 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 327F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5126231580410&version=m202309120101&ct=77&x=1&cor=13959187319415812000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-662
cdn-cachedat
09/09/2023 02:40:34
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ae5a51a5094fe20ffefb8ff99d822196
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 01 Oct 2023 09:54:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
212227
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
171051
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
144f1ff96e3ccc95f0cad3f40e8537b014fde1668913b51c96e951bdc8756d72

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 31 Oct 2023 09:54:20 GMT
usync.html
eus.rubiconproject.com/ Frame 9C36 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 Oct 2023 09:54:20 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 292D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80f3d2e0cef45d3a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:20 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F02A 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696154057361
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame FC03 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sun, 01 Oct 2023 09:54:20 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pd
adpushup-d.openx.net/w/1.0/ Frame F55A 		653 B
726 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5013f3a57eb362b74aaeee0c64487c7a641ff3abf1835af376464cd1bdac5207

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
413
content-type
text/html
date
Sun, 01 Oct 2023 09:54:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame CE31 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-105.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
84775
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 30 Sep 2023 10:21:27 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amz-cf-id
ggxlH2cg9thqCJBmrXH9PFE5onkwu5OYtG6oIgfHPMk0ywIlLxpocw==
x-amz-cf-pop
PRG50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 8F55 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:20 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 76DA 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
831
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80f3d2e12ba304a6-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:20 GMT
expires
Sun, 01 Oct 2023 13:54:20 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8BBE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
86347
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 01 Oct 2023 09:54:20 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 22 Sep 2023 09:54:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
15, 403586
X-Served-By
cache-lga21982-LGA, cache-fra-eddf8230055-FRA
X-Timer
S1696154061.982477,VS0,VE0
checksync.php
contextual.media.net/ Frame 6C5F 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8491
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Tue, 03 Oct 2023 09:54:21 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sodar
pagead2.googlesyndication.com/pagead/ Frame 304D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=3526068050715173&bg=!enmleTbNAAYEJRtnJCU7ADQBe5WfOIsaclbNtFo7Iw9wcmpdkCVaXW2wpDLtTxJYuXJInN35shDmr6VsjI2dy2PFtqiTAgAAAD9SAAAADWgBB5kCyo3qu3tAS65-Zaa-g-Rvi4kQINMvp9SVUCDZyjAdj1B9oPGVzscb1Hjt5V1xWYiHRu0HIq0XEGq0HgfaDpcvNyCEUvJ5yPmAST4AejA-fUH8TS0VjTMNdHWOeYckd6w7nXaBauDemnA_PAs03H85wJD3WKhrDmy9DGxga7hjmAgtI_R3-e_7QADtq01SGwocCGqH8KL9PQB8Uu7jTeCZQnDoPYanp6P_YXJ5dpqwVGPTHiDXcEqgjifHAFiTiGOUzGrPIcZSHhLWN9cA5oqMBHbRnBciHnUXTZgY7QMq0uu1KXURO3eWfi1ndh6_D68PMqbyDAYGhvuWvsLA5w3YIUmaDX-8Xqj4KNnTxuU5qGthuYRJctwBV4zZ_tHfCNAG87Epa59y0oVtKIye7S3t43pmx9YRweWUtSBdXa9vBISc0yFXICbgemKFJaOY-McvTUagmqB0OR-WjN_ua2lIK_XfuHourgjv75UEqBfwhNvKV5OeBn0VibOx03Bv7TCzzMvO7-jvYzM9y_oy3VefsBIs78rVrJMxloOlvVhyB7B5kcLe35FEla_q-hLwQHmaxb-yhY8WVRjIlr-XZIdxjjsMn3q4QOOfnNEzFLJPP9FhOYsmIS5Z6tYJdXXCUZ1uiJRGcQrVHB9YfsFG2ccYITNIaw7hkUlch1XTRySd_5iOedjSHSFWIjut4G813Aj0qEoZEtKGl3bK_iMeH7jh-hS_ppVNpVN14rBvlroEJsDFq0-__DKMjbRmtjz9OaAuFDlEibxYh2lymbhVERJjFxtfOaRS-tTlOChQct13V8H-u1DssiqnwN58ZoHlJztHHrpYU1YRbsLEweiY2Areisx6fhmu0mJdnSfHhSg7WMa0KWS6LT13sKyO8ly00CMXlRJWpwS5PqbakboKq_vXAhtv2SgT-1O3Sxx9_0IqvKw2_aiKYinBVGcP0g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 9C36 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67c8d8003bc0741220785a7d57d2db612a706276388204fa25382986ccce40eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:20 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Sep 2023 12:21:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8839
Connection
keep-alive
Content-Length
10474
Expires
Sun, 01 Oct 2023 12:21:39 GMT
sd
us-u.openx.net/w/1.0/ Frame F55A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wlrYPsBeij7ZWI80zAzEYcVa2DLZW48_zVZjutka
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wlrYPsBeij7ZWI80zAzEYcVa2DLZW48_zVZjutka
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=wlrYPsBeij7ZWI80zAzEYcVa2DLZW48_zVZjutka
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F55A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5103897635273492050
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5103897635273492050
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5103897635273492050
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame F55A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=cd529778-bd69-cac8-1b0f-67f6b595e75e
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1MAKWE42DFT0XHPNCJA1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame F55A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=9584eb05-a1c3-7132-db01-e561dda62cbe&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame F55A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjllYjM4Y2YtNjhiNC0yZjk2LWNlZTEtYmZkODE3NDRlMmRl
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F55A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP_GH2IANINqIqPx8Iz9vsg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8BBE 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
an-x-request-uuid
ef8a84ed-7690-4202-9749-2d2d9cd39ca5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5965 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbe24ad3b6d2edf03c7bd53610828f317ae7dabe3e98e269389c8a521278265

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80f3d2e17b9b24c0-ZRH
content-encoding
br
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUL%2Bq28UR8bbXMKqdImJeF06yzrZlT2NWxhzIwbhZNf%2F8wRiwsyhLb4AoRukbw52sGJJXwrN6NjAhj4u31iGflxt%2FP1sA12S1ynIHUuj0yL%2Fata1tcafc5PBJyQh%2F7SP3OEG%2F3AkWtJc9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 292D 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
321911
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
80f3d2e18f885d3a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
13926
g2.gumgum.com/usync/ Frame C437 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.206.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-206-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69cc2eb6270df57d2eec23d6dc73d9c8baeb45abde821608ec4016ceee0c1de3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
etag
W/"045a6e7a1bb626d23780b70066ae4aabd"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame CFDC 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame A37C 		735 B
939 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
caf6614d7dd284632bd2d812f9134eb084c04feb0bdd5d4de973f75c3e24ecd2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
735
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 14AE 		2 KB
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb89ce18b6570961db3a4118d6abe4369c1511dbd17f5c818b750268ab975a4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80f3d2e19bf224c0-ZRH
content-encoding
br
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0ipDbC%2B7dNzqvZFB4pzyI8tMJQaPv6Thk6evP4J2ptQSvAp%2BLIKOpwvMJKlq3Vl8XFakxSmbHUYluppQc17k5c3gDcA78PcbRiMk1OL32R2mGt7%2BkhT%2FkAZMxaSzQJzSBTmKLBAPbz3nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8207
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 Oct 2023 09:54:21 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 66E9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172721
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Tue, 03 Oct 2023 09:53:02 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame CBFD 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
01298b5a9e9f40f2c0143f2ba18bcd96bfdf10127bfa4e05509a697eac7ece11

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
x-amz-cf-id
BG00Ztd1UNwcnoScLGdcJH8K2baelOZF7xKlKaagVcE1EATA-oUzCw==
x-amz-cf-pop
MAN50-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
4
user-sync
sync.adkernel.com/ Frame 74FD 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 01 Oct 2023 09:54:21 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame B782 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.82.132.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-132-167.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
81b95dbb523b8353be1d60639be743753a831e8f8e4cdbe0462d5bec18d96712

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7839568542138889334
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7839568542138889334
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
an-x-request-uuid
08a3d0f6-22d4-41c1-b618-a3bc80956dbc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7839568542138889334
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=HaZyvGZHzu9H2AHGSUuXnlbK
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HaZyvGZHzu9H2AHGSUuXnlbK
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HaZyvGZHzu9H2AHGSUuXnlbK
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame CE31 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 Oct 2023 09:54:21 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696154061151
  • https://ad.turn.com/r/cs?pid=45&rndcb=1068685583
  • https://sync.1rx.io/usersync/turn/3848987879357663383?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX90e355a0243d4d00bf94671ecd6f796f003
content-type
text/html
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=295805934120602370
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=295805934120602370
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=295805934120602370
Date
Sun, 01 Oct 2023 09:54:21 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=b76e92d8-5d36-43bc-aaf2-03021a9438c8
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=b76e92d8-5d36-43bc-aaf2-03021a9438c8
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-83
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=b76e92d8-5d36-43bc-aaf2-03021a9438c8
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame CE31
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-16c69828-64ab-31fa-9b6f-1badcbb2dd03&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xNmM2OT...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-16c69828-64ab-31fa-9b6f-1badcbb2dd03&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-16c69828-64ab-31fa-9b6f-1badcbb2dd03&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMyAiIMOAI=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-16c69828-64ab-31fa-9b6f-1badcbb2dd03&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xNmM2OTgyOC02NGFiLTMxZmEtOWI2Zi0xYmFkY2JiMmRkMDMyAiIMOAI=
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame CE31 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 01 Oct 2023 09:54:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 01 Oct 2023 09:54:21 GMT
sync
ads.servenobid.com/ Frame CE31
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=e428bd8c-4627-4b4b-bcc9-2e3b89a89be0
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=e428bd8c-4627-4b4b-bcc9-2e3b89a89be0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=e428bd8c-4627-4b4b-bcc9-2e3b89a89be0
Date
Sun, 01 Oct 2023 09:54:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=visible-2&pid=169092&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&pfid=42&piv=34&env=js-web&ut=1&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&sid=192517&scid=7024&pscid=20204&psid=415253&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&p=-cuqn83wsLGB9j-dkHLsTRsv-nIH382GHSS3dF3i1Vzj7w&cts=1696154057594&cs=632109133141330117005&1696154057594&slot=native&fv=1262&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
drop_cookie_sw.php
csync.smilewanted.com/ Frame 4F30 		0
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80f3d2e1cfb45d3a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
server
cloudflare
vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame 5965 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HBKH78264F6M3E2EAD9P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5965
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5hM73eSqDfR8nbxr3hyM4&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5hM73eSqDfR8nbxr3hyM4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mx54CyAtp%2BVBvkBkuTEcjh7YCFlhX%2BHp4dsd7D6YMSTFsk5zyM4iJFfz4TQkBxTX2WiWdWnAiaknPIMfG9ZQUzF3Z8OOdceMMyk03gQaUMcVaWKdqJiebn7F6fo2xXgRSFv2PWOpUqXMkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e2098c3c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO5hM73eSqDfR8nbxr3hyM4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5965 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5965 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 5965
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRlBzQAUiiMf8AAb
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRlBzQAUiiMf8AAb&_test=ZRlBzQAUiiMf8AAb
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRlBzQAUiiMf8AAb&_test=ZRlBzQAUiiMf8AAb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IS3r1cZ0GGkPnnInGAC6nWsWicmKvrOBgR0j8TLc76lcceGDVZk%2B%2FCTO9fhVmpM6sBv46UZ2u5D2XRjEQqgE2tuxbLEd8bs5PpdjWFLfzbD0aXld%2FQ74woGChLsTfpySTAo1gB02Gc6zA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e35ae53c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230091-FRA
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1696154061.304780,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRlBzQAUiiMf8AAb&_test=ZRlBzQAUiiMf8AAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
r.casalemedia.com/ Frame 5965
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEcCnejRzc3O7nuISEPwVovu2sNwBIDlpyBZoaz%2FFeIps2YCkNeU2JXoWryBDmqo%2Fsnx0QYHgZNgmqTUqxZV5pr4tQtzzNvDr8witQikME4fFxSlIt9whYrTgwxieoZTlLC2"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e4fc2e24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 5965
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7308033868154914967
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7308033868154914967
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbcBaArWGzyrJAHRL%2BzySZUiWskxx2itD0I7AA3uUUB0tHDzKMttmKCaxQxJwO%2BszIopF6lJ5Aapz0EwbMPJH7Ri4jp9y39zds3tv3Utb0T4cD1MMh5DZ3ePhi2%2FAnDANautEjH9Fx8h1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e2aa3d3c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7308033868154914967
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
362358.gif
idsync.rlcdn.com/ Frame 5965
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZRlBytX2FjzeDy.4kC0mEAAA%262128&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZRlBytX2FjzeDy.4kC0mEAAA%262128&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a9c884ec10114329b80a551bd1c5ac42
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a9c884ec-1011-4329-b80a-551bd1c5ac42
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a795d549-ea2a-4d25-87d7-c429aaea30b8%3A1696154061.8931248&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da795d549-ea2a-4d25-87d7-c429aae...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=295805934120602370&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da795d549-ea2a-4d25-87d...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a795d549-ea2a-4d25-87d7-c429aaea30b8%3A1696154061.8931248&_=1696154061.8952754
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdhNzk1ZDU0OS1lYTJhLTRkMjUtODdkNy1jNDI5YWFlYTMwYjg6MTY5NjE1NDA2MS44OTMxMjQ4EAAaDQjOg-WoBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAt48-CS3AGZQ2FlXF_uwlk&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAt48-CS3AGZQ2FlXF_uwlk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAt48-CS3AGZQ2FlXF_uwlk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5965 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZRlBytX2FjzeDy.4kC0mEAAA%262128
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
77600
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80f3d2e1ec3a04a6-CDG
content-length
43
expires
Mon, 02 Oct 2023 09:54:21 GMT
/
onetag-sys.com/usync/ Frame FFA6 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
crum
dsum-sec.casalemedia.com/ Frame 14AE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7839568542138889334
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7839568542138889334
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9EjXR1%2BjcHQ8ScLt76q1cl0PcUqK9DSOC8GY8silEeU%2BZyD0KzsZrpEGeTmZcS4mA0Z03tqlaDa52RsKDEP45Gg6OQ0qFvnpak%2BJgnJTCdhq4zcDEXBNXUwrJ1f4x46Ewa3G5lAarBjrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e249d53c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
an-x-request-uuid
9b2b5333-93fa-42cd-97fc-916e8d726d4d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7839568542138889334
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 14AE 		43 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-143.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1696154061163079-379
Expires
Sun, 01 Oct 2023 09:54:21 GMT
crum
dsum-sec.casalemedia.com/ Frame 14AE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACLek7KMoQAABkYTfiLDg&expiration=1697363661
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACLek7KMoQAABkYTfiLDg&expiration=1697363661
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkhZ0wTLT5t6mBGresZ7OFfE0ZO9a7RVrffgKxJNv%2B9NfWXtOtCyXiBjNB5%2BP9ExuFen6ZY1Z2nDGFENS54YLk4PuIFJmPFLODO9i9bywou1Bg1CcprO8ISaZvCDUBG2FxOebTHbgrqx2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e259f23c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACLek7KMoQAABkYTfiLDg&expiration=1697363661
Date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 14AE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 14AE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=v7gPyH3Westtr2R5pbhQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128&tc=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=v7gPyH3Westtr2R5pbhQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek72l6El8wg7v0zc70VQTmIQLHCSgTRzVJtnWot%2BoKwo9hVGHREO8ymI6HzFDSupzrCMbiB2kh8dn8qSYOcttb%2BpOWakNV%2F7m7DHonTGCBnzp9c%2FdlaZ8zIrWF4dQ%2BAVfG2IxkNfe5wWcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e31aa63c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=v7gPyH3Westtr2R5pbhQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRlBytX2FjzeDy.4kC0mEAAA%262128&tc=1
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT, Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 14AE
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6dda1867-4b27-a4dc-7638f403
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6dda1867-4b27-a4dc-7638f403
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJwMlqxL53Kd7D4gQ75GlbfdadDY8vE4oTFXepcJP7XWIztDO3P3kkCeUpy53X7eiSt4EaW0KBPmzx8g7To5Dz1UuXX78%2FpV%2B7bPXIl7Xi29Aikx%2BltIHVql9PVDx5p%2F3R8LI3Dtcs6HTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e32ab53c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=6dda1867-4b27-a4dc-7638f403
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
CookieIndex
rtb.adentifi.com/ Frame 14AE 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.233.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-233-93.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
crum
dsum-sec.casalemedia.com/ Frame 14AE
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711965261&external_user_id=319def23-936b-4aad-a86a-d1adbf10801b
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711965261&external_user_id=319def23-936b-4aad-a86a-d1adbf10801b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BWwqKzF0IgqLqpVJz9Z6oMDPFmlYgh8Plcgu3Hql9m%2B9yKH6vGyhqaRiBDJRWdfQvy9LvcfJ0G0GWXvfcrVCL4DXrVP7SkjLBWHK9NFj9fECKPIMJTN9bAjYb4DWKRBt67Om%2B88bc44Og%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80f3d2e32abe3c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711965261&external_user_id=319def23-936b-4aad-a86a-d1adbf10801b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
sync
ads.servenobid.com/ Frame 14AE 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 8207 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67c8d8003bc0741220785a7d57d2db612a706276388204fa25382986ccce40eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Sep 2023 12:21:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8838
Connection
keep-alive
Content-Length
10474
Expires
Sun, 01 Oct 2023 12:21:39 GMT
pixel
ap.lijit.com/ Frame 10FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 01 Oct 2023 09:54:21 GMT
X-Sovrn-Pod
ad_ap7ams1
gen_204
pagead2.googlesyndication.com/pagead/ Frame E97D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8416177125482&version=m202309120101&ct=77&x=1&cor=15595957837707618000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 8207 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LN7ABYR9-12-I51O
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696154061165&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1557&pt=1965043094&tz=120&viewable=true&ddast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vG!ul145276-594_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 01 Oct 2023 09:54:21 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1401
x-cache
MISS
x-served-by
cache-fra-eddf8230103-FRA
pragma
no-cache
server
nginx
x-timer
S1696154061.177878,VS0,VE34
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D3DC 		156 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=EE49CB84-B8D4-437D-8F79-7924F157E502&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dlt=1696154056605&idt=2818&dt=1696154061173&cookie=ID%3Dcdfb3616257d7050-2220817174e400ac%3AT%3D1696154057%3ART%3D1696154058%3AS%3DALNI_MazjjAhFr2Hb8cRzEXLvY5ms-u6lw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=718980496017856&scor=1404639009763968&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 21B1
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7839568542138889334&gdpr=0&gdpr_consent=
95 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7839568542138889334&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Sun, 01 Oct 2023 09:54:11 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
db80557e-ba3a-493d-acdc-138cc9a50f65
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7839568542138889334&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 66E9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70090201&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
90fa48c6351b033e32f1772a351f84981eb113b166ad8bfc4e54f8b6f47e00f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame 8207
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LN7ABYR9-12-I51O
  • https://ads.servenobid.com/sync?pid=323&uid=LN7ABYR9-12-I51O
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LN7ABYR9-12-I51O
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LN7ABYR9-12-I51O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1537ef2fe96d186f089f142283d9817a
Expires
0
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7839568542138889334
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7839568542138889334
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
an-x-request-uuid
e70c2b31-b2f2-4951-99cb-370c629e7406
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7839568542138889334
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e29ab133-f973-4979-8d78-863b132e5796&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e29ab133-f973-4979-8d78-863b132e5796&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=EGSDdhJg0XYLZtR8HjKfKRdkg3oLZdR3H2g1wY5_
  • https://usersync.gumgum.com/usersync?b=bsw&i=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy=
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame C437
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28zzERhRuctcg_n8UpB1NWD8GKm18gfD0qDbli3qS5b-g-0Xso9BPtJi9EFPxlo3Ly%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e29ab133-f973-4979-8d78-863b132e5796&obuid=ENC(zzERhRuctcg_n8UpB1NWD8GKm18gfD0qDbli3qS5b-g-0Xso9BPtJi9EFPxlo3Ly...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:22 GMT
Cache-Control
no-cache
X-TraceId
9a80a383fca5031cef12a171fc1ba873
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Sun, 01 Oct 2023 09:54:22 GMT
X-TraceId
dea1e4f110d0cc564c4fe6f84bbd5127
Content-Length
0
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=62b94f75-89d6-4964-bc7a-f58c15f62df8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=62b94f75-89d6-4964-bc7a-f58c15f62df8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 01 Oct 2023 09:54:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=62b94f75-89d6-4964-bc7a-f58c15f62df8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c070b215-1837-5379-4f20-88ccc3bd1025$ip$45.12.222.173
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-c070b215-1837-5379-4f20-88ccc3bd1025$ip$45.12.222.173
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-c070b215-1837-5379-4f20-88ccc3bd1025$ip$45.12.222.173
Date
Sun, 01 Oct 2023 09:54:21 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-jHibKHNE2pceP5ZW5g.ZCWN62Cdm5shj3BIr~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-jHibKHNE2pceP5ZW5g.ZCWN62Cdm5shj3BIr~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-jHibKHNE2pceP5ZW5g.ZCWN62Cdm5shj3BIr~A
content-length
0
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9b60f9fc-cd11-4cf1-aedd-4c7e6c5125ef
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=9b60f9fc-cd11-4cf1-aedd-4c7e6c5125ef
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=9b60f9fc-cd11-4cf1-aedd-4c7e6c5125ef
Date
Sun, 01 Oct 2023 09:54:21 GMT
Connection
keep-alive
X-CI-RTID
b5fa4e39-3f85-4249-94b9-3ed11ba5eef0
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame C437 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e29ab133-f973-4979-8d78-863b132e5796&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=atWLoKkMLzw5YkcuBW4L&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YLUK5GG6S3LJVGHU5ZVLFVWG5KCK42EY...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=atWLoKkMLzw5YkcuBW4L&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=atWLoKkMLzw5YkcuBW4L&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=atWLoKkMLzw5YkcuBW4L&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=5e030f12-83ad-4c7f-a181-1dce042bb645
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=5e030f12-83ad-4c7f-a181-1dce042bb645
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=5e030f12-83ad-4c7f-a181-1dce042bb645
access-control-allow-origin
*
date
Sun, 01 Oct 2023 09:54:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=ZysGJGiHh59B&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=ZysGJGiHh59B&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=ZysGJGiHh59B&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b6f574bf6-gnqtv
expires
-1
usersync
usersync.gumgum.com/ Frame C437
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8565809872872338097
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8565809872872338097
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8565809872872338097
date
Sun, 01 Oct 2023 09:54:21 GMT
content-length
0
sync
ads.servenobid.com/ Frame C437 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_e29ab133-f973-4979-8d78-863b132e5796
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 42AB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5103897635273492050&gdpr=0&gdpr_consent=
35 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5103897635273492050&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.115.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-115-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5103897635273492050&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 0B72
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRlBzQAUi8ogdAAb
  • https://usersync.gumgum.com/usersync?b=atm&i=ZRlBzQAUi8ogdAAb&gdpr=0&gdpr_consent=&_test=ZRlBzQAUi8ogdAAb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZRlBzQAUi8ogdAAb&gdpr=0&gdpr_consent=&_test=ZRlBzQAUi8ogdAAb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 01 Oct 2023 09:54:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZRlBzQAUi8ogdAAb&gdpr=0&gdpr_consent=&_test=ZRlBzQAUi8ogdAAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1696154061.351351,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 379C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lMjlhYjEzMy1mOTczLTQ5NzktOGQ3OC04NjNiMTMyZTU3OTY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 184D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=172721
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Tue, 03 Oct 2023 09:53:02 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6617 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:21 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 79E2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZRlBzcCo5tEAAFB4Lm0AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZRlBzcCo5tEAAFB4Lm0AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 01 Oct 2023 09:54:22 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 01 Oct 2023 09:54:21 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZRlBzcCo5tEAAFB4Lm0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1003.dc4p.scaleout.jp
X-SO-IP
45.12.222.173
X-SO-Key
ZRlBzcCo5tEAAFB4Lm0AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"45.12.222.173","key":"ZRlBzcCo5tEAAFB4Lm0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1003"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad1003
gumgum
cs.admanmedia.com/sync/ Frame F06C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_e29ab133-f973-4979-8d78-863b132e5796&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 01 Oct 2023 09:54:21 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame FC31
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=v7gPyH3Westtr2R5pbhQ&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=v7gPyH3Westtr2R5pbhQ&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 01 Oct 2023 09:54:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT Sun, 01 Oct 2023 09:54:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=v7gPyH3Westtr2R5pbhQ&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 0D9B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 01 Oct 2023 09:54:21 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
sync.targeting.unrulymedia.com/csync/ Frame 193D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=7536703685
  • https://sync.1rx.io/usersync/turn/3848987879357663383?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
43 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
43
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
pragma
no-cache
log
c21lg-d.media.net/ Frame 6C5F 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3391556601815705000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 01 Oct 2023 09:54:21 GMT
content-length
35
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 0D9B 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67c8d8003bc0741220785a7d57d2db612a706276388204fa25382986ccce40eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Sep 2023 12:21:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8838
Connection
keep-alive
Content-Length
10474
Expires
Sun, 01 Oct 2023 12:21:39 GMT
4bc18ecf-028c-5212-8271-5027e76811ea
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 5EF1
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=6961335048452890773
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/4bc18ecf-028c-5212-8271-5027e76811ea
0
388 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/4bc18ecf-028c-5212-8271-5027e76811ea
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80f3d2e4298d5d3a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/4bc18ecf-028c-5212-8271-5027e76811ea
pixel
ap.lijit.com/ Frame CBFD 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 01 Oct 2023 09:54:21 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame CBFD
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MAN50-C2
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
nJUaMxGXSAZlt6EebghgqvpWdvOPMaA5HUFGgq1Jn_e6oWYrVuzW5Q==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame CBFD
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7839568542138889334
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-rtb.minutemedia-prebid.com/ Frame CBFD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRlBytX2FjzeDy.4kC0mEAAA%262128
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRlBytX2FjzeDy.4kC0mEAAA%262128
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MAN50-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
V6TFFLwXfV-2J_6j76WRFWndznVyIDsPkgzAmFfAcHKhAsoWHvNpeg==

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urgXNKDzruF0423nfAtiFPi%2Fg%2BkqUu6ylF%2FskpPf2%2F95uOEwkJxScrrfsx4ekJKHMrfUOtcC6j9NsoXUG2GyoIORFLjnXnAWUaJwRQKVIOptUagncNxUmSagpDRhEUcyxNHG%2FJ2Kl5sPUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRlBytX2FjzeDy.4kC0mEAAA%262128
cache-control
no-cache
cf-ray
80f3d2e34ad93c95-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame CBFD
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=0cdd0901-de51-4e66-a399-fc969da5a65b
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=0cdd0901-de51-4e66-a399-fc969da5a65b
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MAN50-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
EmVz4Yzsg8dO7qqrcpX1dsxn8jUg1K2IQVEvgOklAhce_Dsn_3gJFw==

Redirect headers

date
Sun, 01 Oct 2023 09:54:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=0cdd0901-de51-4e66-a399-fc969da5a65b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame CBFD
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=e3fb81bac0b304f6b4a50af1b18e39d7
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=e3fb81bac0b304f6b4a50af1b18e39d7
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MAN50-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
gZ5y-rYKRRpicYg8uZsBwe10PolQrXoMyQ82xbltJ8a-QzdSucqwaA==

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=e3fb81bac0b304f6b4a50af1b18e39d7
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame CBFD
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=704275058422284454536
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=704275058422284454536
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MAN50-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
WnqvBgdeiq9_hFbAAVS7NuhSE4yvKqFUY5x8v9-EZ0djbwc6Uyta1Q==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=704275058422284454536
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ads.servenobid.com/ Frame CBFD 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=Aig_HIjzkp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
khaos.json
token.rubiconproject.com/ Frame 0D9B 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LN7ABYR9-12-I51O
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
ce6f8cf02ffae71f1b53ed9bd02c49c20dfbbfcfc16927d7a7b64dc3881a58d1
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame E13F
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ce6f8cf02ffae71f1b53ed9bd02c49c20dfbbfcfc16927d7a7b64dc3881a58d1
0
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ce6f8cf02ffae71f1b53ed9bd02c49c20dfbbfcfc16927d7a7b64dc3881a58d1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80f3d2e59a9a5d3a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 01 Oct 2023 09:54:21 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/ce6f8cf02ffae71f1b53ed9bd02c49c20dfbbfcfc16927d7a7b64dc3881a58d1
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 31F6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 09:54:20 GMT
expires
Sun, 01 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
913309
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 213B 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F714E430-EB22-41F3-8594-D44E33ED515D&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 01 Oct 2023 09:54:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9GCEBVQFW8DPZSBP8TZH
Pug
simage2.pubmatic.com/AdServer/ Frame 7A87
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839568542138889334&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839568542138889334&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ee6e4dea-7e42-4061-a058-ed51bd6756f5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7839568542138889334&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 6B40
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ
42 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame D4C2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284926220982155403&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284926220982155403&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 01 Oct 2023 09:54:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284926220982155403&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 41B1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=7770044e-8f11-4e3b-85f1-ab29f21dabd9&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=576f0248-979e-48fc-b6e7-4906c8e35707&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
ImgSync
image8.pubmatic.com/AdServer/ Frame 7ED9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wHCyFRg3U3lPIIjMw70QJS0M3q0&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 01 Oct 2023 09:54:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B4F7 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1696154061.371332,VS0,VE95
Pug
simage2.pubmatic.com/AdServer/ Frame 8813
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame 785F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTGVrN0tNb1FBQUJrWVRmaUxEZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AACLek7KMoQAABkYTfiLDg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACLek7KMoQAABkYTfiLDg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACLek7KMoQAABkYTfiLDg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8565809872872338097&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACLek7KMoQAABkYTfiLDg&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cs
cs-rtb.minutemedia-prebid.com/ Frame 9804
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUc214cf7a96314076b8420558a1f0d478
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 01 Oct 2023 09:54:21 GMT
server
istio-envoy
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
x-amz-cf-id
GdUhphPG_922frybiUw6rhO6h_p9TstzRt92WgeR9XiNWyrA8ebUXQ==
x-amz-cf-pop
MAN50-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
117
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame E9C8 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
cm
ipac.ctnsnet.com/int/ Frame F2AF 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 5DE1
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=295805934120602370
42 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=295805934120602370
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 01 Oct 2023 09:54:21 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=295805934120602370
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cs
cs-rtb.minutemedia-prebid.com/ Frame D6BA
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8548314120831880462
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Sun, 01 Oct 2023 09:54:21 GMT
server
istio-envoy
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
x-amz-cf-id
f7f7eTWANORnFefY7pb_nfn_Dd9oOoDfM_Op8kjdqFmpLSiU5TKD0g==
x-amz-cf-pop
MAN50-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
117
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
ad.mrtnsvr.com/sync/ Frame 5621 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.163.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.163.102.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
referrer-policy
no-referrer
cookiesync
core.iprom.net/ Frame 059D 		43 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 01 Oct 2023 09:54:21 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-d83fc88eba67@version_1.571v3
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 5A04
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80f3d2e56c9ef164-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80f3d2e42ae6f164-CDG
content-type
text/html
date
Sun, 01 Oct 2023 09:54:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
596
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 38CE 		0
0
sync
ads.servenobid.com/ Frame 573E 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 01 Oct 2023 09:54:21 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 66E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9xTkMOsiQfOFlNROM-1RXQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=172721
accept-ranges
bytes
content-length
5606
expires
Tue, 03 Oct 2023 09:53:02 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 66E9
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
54.77.142.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-142-1.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.109
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.28.75
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 66E9
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2903304955
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2903304955
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 google
last-modified
Sun, 01 Oct 2023 09:54:21 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 google
last-modified
Sun, 01 Oct 2023 09:54:21 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2903304955
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 66E9
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F714E430-EB22-41F3-8594-D44E33ED515D
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODFocnIzV0J6UG1SRWVpcVdWQUctS3JMZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5103897635273492050&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.202.131.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-131-94.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 01 Oct 2023 09:54:22 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 01 Oct 2023 09:54:22 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 66E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjcxNEU0MzAtRUIyMi00MUYzLTg1OTQtRDQ0RTMzRUQ1MTVE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 66E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEClaJIBvbieIG9Db4R6dKEM&google_cver=1
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEClaJIBvbieIG9Db4R6dKEM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEClaJIBvbieIG9Db4R6dKEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 66E9 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 30 Sep 2023 09:54:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 66E9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5103897635273492050
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5103897635273492050
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5103897635273492050
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 66E9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 66E9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F714E430-EB22-41F3-8594-D44E33ED515D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-u8iOg0pE2uWMYt__YKyZDFpcm76oDV0-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-u8iOg0pE2uWMYt__YKyZDFpcm76oDV0-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-u8iOg0pE2uWMYt__YKyZDFpcm76oDV0-~A&gdpr=0
date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
F714E430-EB22-41F3-8594-D44E33ED515D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 66E9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F714E430-EB22-41F3-8594-D44E33ED515D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 66E9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 66E9
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=43ec2ef0fa51170a&is_secure=true&networkId=17100&version=1&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtenYgjY_-ANvZMedAAAAAAA&expiration=1696240461&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&...
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtenYgjY_-ANvZMedAAAAAAA&expiration=1696240461&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtenYgjY_-ANvZMedAAAAAAA&expiration=1696240461&nuid=F714E430-EB22-41F3-8594-D44E33ED515D&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 66E9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848987879357663383&gdpr=0&gdpr_consent=&us_privacy=
1 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848987879357663383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848987879357663383&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs-rtb.minutemedia-prebid.com/ Frame 66E9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c3696341-529d-41a2-b836-345bcc34c428&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2600:9000:2131:3000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
via
1.1 cf2a58a1ade01b9796df7d87fe311e64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
MAN50-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
kwag4ykOj9zryoc84kVXFbFsU7_BJPK7FAc6vYYI-KtMbxZo7Pk3-A==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=F714E430-EB22-41F3-8594-D44E33ED515D
date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0D9B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LN7ABYR9-12-I51O
  • https://usersync.gumgum.com/usersync?b=mag&i=LN7ABYR9-12-I51O
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LN7ABYR9-12-I51O
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LN7ABYR9-12-I51O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
sync
ads.servenobid.com/ Frame A37C 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8979950707114701487&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame A37C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5103897635273492050&gdpr=0&gdpr_consent=
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5103897635273492050&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5103897635273492050&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
s.amazon-adsystem.com/ Frame A37C
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=8565809872872338097&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=8565809872872338097&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X1T68FC6ARVC77DQT0TR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=8565809872872338097&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame A37C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7284926220982155411&gdpr=0&gdpr_consent=
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7284926220982155411&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7284926220982155411&gdpr=0&gdpr_consent=
Date
Sun, 01 Oct 2023 09:54:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
redir
rtb-csync.smartadserver.com/ Frame A37C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACLek7KMoQAABkYTfiLDg&partnerid=127&gdpr=0
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AACLek7KMoQAABkYTfiLDg&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AACLek7KMoQAABkYTfiLDg&partnerid=127&gdpr=0
Date
Sun, 01 Oct 2023 09:54:21 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
5103897635273492050
csync.smilewanted.com/set_partner_userid_get/adform/ Frame F37A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5103897635273492050
0
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/5103897635273492050
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80f3d2e489e05d3a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 01 Oct 2023 09:54:21 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/5103897635273492050
server
nginx
csi
csi.gstatic.com/ Frame D3DC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ln7ac0ao&c=7766959942343&slotId=3883479971171.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
56f5c1f5bf51abfddb1d108886a19b3d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame B8BA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/56f5c1f5bf51abfddb1d108886a19b3d?gdpr_consent=&gdpr=0
0
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/56f5c1f5bf51abfddb1d108886a19b3d?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80f3d2e449a25d3a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 01 Oct 2023 09:54:21 GMT
Expires
Sun, 01 Oct 2023 09:54:21 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/56f5c1f5bf51abfddb1d108886a19b3d?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696154061437019-421
cs
cs.yellowblue.io/ Frame B782
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=56f5c1f5bf51abfddb1d108886a19b3d&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=56f5c1f5bf51abfddb1d108886a19b3d&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 01 Oct 2023 09:54:21 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=56f5c1f5bf51abfddb1d108886a19b3d&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696154061441046-410
Expires
Sun, 01 Oct 2023 09:54:21 GMT
v1
match.sharethrough.com/universal/ Frame B782 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame B782
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7839568542138889334
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:20 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sun, 01 Oct 2023 09:54:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame B782 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=T8P_TUj-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
v1
match.sharethrough.com/universal/ Frame 136C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Sun, 01 Oct 2023 09:54:21 GMT
60446b6462021c733a54cc63ead0270046f117c95deb81692c5c7102108b27c2
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame AFA1
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/60446b6462021c733a54cc63ead0270046f117c95deb81692c5c7102108b27c2
0
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/60446b6462021c733a54cc63ead0270046f117c95deb81692c5c7102108b27c2
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80f3d2e65b035d3a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 01 Oct 2023 09:54:21 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 01 Oct 2023 09:54:21 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/60446b6462021c733a54cc63ead0270046f117c95deb81692c5c7102108b27c2
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
async_usersync
ib.adnxs.com/ Frame 8BBE 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:22 GMT
an-x-request-uuid
29589335-22d1-43a5-8d9e-a3841e6081e1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.173; 45.12.222.173; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=visible-3&pid=169092&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&pfid=42&piv=34&env=js-web&ut=1&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&sid=192517&scid=7024&pscid=20204&psid=415253&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&p=K9DXA_4rGpoeUJlcJlxTpAlLf4HyPm602ri0KDrJkEU91w&cts=1696154057594&cs=495944071361914057605&1696154057594&slot=native&fv=1262&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:22 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame D3DC 		1 KB
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F11440465%2FThird_Party%2FTP_VAST_8&description_url=https%3A%2F%2Fzeenews.india.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=690615410131682&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=EE49CB84-B8D4-437D-8F79-7924F157E502&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dlt=1696154056605&idt=2818&dt=1696154062101&cookie=ID%3Dcdfb3616257d7050-2220817174e400ac%3AT%3D1696154057%3ART%3D1696154058%3AS%3DALNI_MazjjAhFr2Hb8cRzEXLvY5ms-u6lw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&scor=2830282682573982&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
713fa9426a7aa6b698e13aad76a65d0f49120d6e8eecd76455b0d68640927f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
841
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
6f16eb8cc6e272a3cdc80bf0bcd5fa0f.jpg
static.bg3.co/imgs/202105/ 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame D3DC 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=EE49CB84-B8D4-437D-8F79-7924F157E502&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dlt=1696154056605&idt=2818&dt=1696154062902&cookie=ID%3Dcdfb3616257d7050-2220817174e400ac%3AT%3D1696154057%3ART%3D1696154058%3AS%3DALNI_MazjjAhFr2Hb8cRzEXLvY5ms-u6lw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=353489670182309&scor=133424226087946&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		339 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:22 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-199
cdn-cachedat
01/30/2023 07:35:59
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-860
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
244becccd8a330f790e71d85fdc5e730
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame D3DC 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ln7ac1u1&c=7766959942343&slotId=3883479971171.5&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=visible-4&pid=169092&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&pfid=42&piv=34&env=js-web&ut=1&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&sid=192517&scid=7024&pscid=20204&psid=415253&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&p=JHjevgqWWHfuK85O2OYl_zvM1Q8JgvEWzgBpjMyGdGHiog&cts=1696154057594&cs=204741131929573709305&1696154057594&slot=native&fv=1262&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 66E9 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
pubads.g.doubleclick.net/gampad/ Frame D3DC 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=EE49CB84-B8D4-437D-8F79-7924F157E502&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dlt=1696154056605&idt=2818&dt=1696154063909&cookie=ID%3Dcdfb3616257d7050-2220817174e400ac%3AT%3D1696154057%3ART%3D1696154058%3AS%3DALNI_MazjjAhFr2Hb8cRzEXLvY5ms-u6lw&gpic=UID%3D00000c8a101183c4%3AT%3D1696154057%3ART%3D1696154057%3AS%3DALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA&correlator=2044592051071194&scor=1581230242056876&ged=ve4_td7_tt5_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=122870061&cid=1391071136.1696154057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696154058&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html&dt=%E5%A5%A7%E6%96%AF%E5%8D%A1%EF%BC%8F94%E6%86%91%E9%80%99%E5%B9%95%EF%BC%81%E3%80%8A%E6%B7%91%E5%A5%B3%E9%B3%A5%E3%80%8B%E6%AF%92%E8%88%8C%E5%AA%BD%E4%B8%80%E9%8F%A1%E5%88%B0%E5%BA%95%E7%88%86%E5%82%AC%E6%B7%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 184D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33813726&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3dda4b612b71837af80704cfd117ba93f853a06de5d8ce91b9611109f5f20ff9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 01 Oct 2023 09:54:24 GMT
content-length
1239
content-type
text/html; charset=UTF-8
track
t.teads.tv/ Frame D75A 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=visible-5&pid=169092&vid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d&pfid=42&piv=34&env=js-web&ut=1&auctid=d31576c9-b30f-4d6f-8878-cc3202da5331_1acbed04-ff1b-48c2-ba66-b8d889c3af03&sid=192517&scid=7024&pscid=20204&psid=415253&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&p=50Yn5D36Ad6vu0nP93wnT6YCijVNC9Ftj3cy4Lxbam3loA&cts=1696154057594&cs=-340818693274023781705&1696154057594&slot=native&fv=1262&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 01 Oct 2023 09:54:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 66E9 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34669453&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3dda4b612b71837af80704cfd117ba93f853a06de5d8ce91b9611109f5f20ff9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 01 Oct 2023 09:54:24 GMT
content-length
1239
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame E1B5 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:24 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 8A53
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e776ddc0e770d2f5/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a11c05dcd551d7b8ac4c8c3a542a04a3&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTUQQjanTTaQXMV&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTUQQjanTTaQXMV&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTUQQjanTTaQXMV&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 6733 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 01 Oct 2023 09:54:24 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 2BE1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 01 Oct 2023 09:54:24 GMT
expires
Sat, 30 Sep 2023 09:54:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame BE28
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5758106341
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5758106341
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:24 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 01 Oct 2023 09:54:24 GMT
etag
RX90e355a0243d4d00bf94671ecd6f796f003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5758106341
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
usersync
usersync.gumgum.com/ Frame DB88 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 01 Oct 2023 09:54:24 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame 184D 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:24 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80f3d2f699e0bb4d-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 184D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:36 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:36 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
pixel.onaudience.com/ Frame 184D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e210bf7d78b5df11/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a11c05dcd551d7b8ac4c8c3a542a04a3&gdpr=0
0
0
mw
mwzeom.zeotap.com/ Frame 66E9 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 09:54:24 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80f3d2f699e3bb4d-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 66E9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:36 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Oct 2023 09:54:36 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F714E430-EB22-41F3-8594-D44E33ED515D&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d08cd4c9688de66e/gdpr=0/ Frame 66E9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d08cd4c9688de66e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
0
0
match
c1.adform.net/serving/cookie/ Frame A674 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F714E430-EB22-41F3-8594-D44E33ED515D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:24 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 43CE
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8f9bc30995aefe6d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a11c05dcd551d7b8ac4c8c3a542a04a3&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSMRhjYaRRVgnMnUQ&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSMRhjYaRRVgnMnUQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 01 Oct 2023 09:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSMRhjYaRRVgnMnUQ&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame E61A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 01 Oct 2023 09:54:24 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 94C3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 01 Oct 2023 09:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 01 Oct 2023 09:54:24 GMT
expires
Sat, 30 Sep 2023 09:54:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BB6D117B05DF416BAD0F1A660B9DFF2C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame C913
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4912066749
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4912066749
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 01 Oct 2023 09:54:24 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 01 Oct 2023 09:54:24 GMT
etag
RX90e355a0243d4d00bf94671ecd6f796f003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4912066749
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame 8FAB 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=F714E430-EB22-41F3-8594-D44E33ED515D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 01 Oct 2023 09:54:24 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e7eb61fcc7ea1f06b2a72c40f8f8fbdc.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/1bfb9e85f5fbd815a3ca7e0c300cea73.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/50e6bfe24f8c528de829b9c6b124a8c2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/317223c721bd8a51206a9d31e3cda518.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/0e2424ea71a504ca314d0c381dba894f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/11ee01128642dc85086008c0801e13c1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3053d4a4ad3d0e40a78553b0de60d06a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d35f2352a21e5fdaced3df335fad6d6d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/90365ec27911f1661506eef194904f8f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/408e6ebf7d0fe0e81ee9eb1a0c5f2c29.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/779ec41e9438d87926769f12873d32b7.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c98665426b0cb0137e55a24db4c50570.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d5ad1b9156601ced92f13f6df35b7052.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/063c032fc0dc20ad28c3229fd90ca4d3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202104/3eba5a515f75e890a81e6a9bdcb604af.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9101b6b4693153d7825cf1cc776b18c5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/8da9833ad429efbe52a79d754f304da3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/cc7234c943917554171c4c25c848cabd.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/6cff1431aea567b0c63630bd4dbf0ffa.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5cff97f17eb09556dc07f72cb0ae4850.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d309d5c82336847fa3e59b38b799c38e.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/f0102cabb87464e7b6f48cca1e49ff28.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/eceade44c20edd4043db93443a6e84f2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e933ed26638236f65c323964af576d2e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/59287d9c0336408b8bcc0db3a61bcd65.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/15be1da2f14a55cd4ca10ed3cf0f9238.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d5f1b6cb4a482f493e942466749b5a13.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b71a4a711c299a8e4f586c3245c9e2a8.jpg?w=150&h=100&q=100
Domain
delivery.selfcampaign.com
URL
http://delivery.selfcampaign.com/b/63472.js?provider=adform&unix=1696154060
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/6f16eb8cc6e272a3cdc80bf0bcd5fa0f.jpg
Domain
am-wf.taboola.com
URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696154064152&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1557&pt=1965043094&tz=120&viewable=true&ddast=V8zYkCLAZko28BmKpDExHIRt8CMFWHJioAAABgYID-AMl4No6FczhxizYey1o0mCzcwuXM49btFqaJyWJYjWa2ISAZz8axcA4nbtHGY1mLBpOFW7icedy63cI0MVkMq9HMNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZiaDodPte9Xvf73SU-z1zj9yv8Cr9b83Qrng63cjR42n1u6dHlVrvemqPrLXe95U6H3y1yvTVHl1vtcCufbqnT7nOLHH63yOmWOPxujevpFrucdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAJ45FLzZ9LL7AwAAAAAIAAAAABIACOiHJQBijPdO_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DTj3doDhjniKJFKAWYQQAAACghcG79cgknaBiUeX__7_fCsAVAIAARXVU_ZksuoMSb2EAAAAExizQw-L3mx12jd_tMv__________Zv7P_KMR6jEzSwPEz9ys5hcQAGDNLyAAABt1AwDwRgBO0CFoxWCwOgExOwAAAAB3_v____WA2GJism0sNtPEYphsVibnYGIazDyrkcO0sAx3s-1B5HaGgr1YjeyzISyz33dQUE5Pj9llkLFcJoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8CuBygiRgsl5PJYrJbjVajzXA3mg0WSCAGE0TRosFkNRpNFpPhajRZzZaL3W6DKFq1mo02g-FqNpntdqvhYLgcjdCELUaryWSzHM6Wi8lgOBqORkMEcwvbZDVb7daahcWyFk08jrXC49u4NSbbyrabbCyDmW0ten1MH8dk4xstt0gwAG0vkqdFOlF5TDbLarjxbBYj22LmGy12y91qOTHMFovJZDWZiCWak0U6kV32tcXEZNtYbKaJxTDZrEzOwcQ0mHlWI4dpYRnuZvvewjZZzVa7tWZhsaxFE49jrfD4Nm6Nybay7SYby2BmW4teH9PHMdn4Rst9Y7acLVajwWq3b8yWs8VqNFjt9h06w3f1ORuVZZXkIxSLf-eu9eY0KFwGi_elPp2HBWPBfPIcnT7T51nUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPYoNBEUsEF-lE8DC7HaaXW-LzbPwWsURpukgneoVf4Xdrnm7F0-FWjgZPu88tPbrcatdbc3S95a633Onwu0Wut-bocqsdbuXTLXXafW6Rw-8WOd0Sh9-tcT3dYpfTLjS9zRaxRHC6SCeil_F0Uf9RA63mislcMpnMFbvNKgEAAAAAAAAAWIJpppsAAAAAOBnUcDNcrNbpYCazyWC3Wi6Ai6AsXcAgAAAAAAAAxRp7rAEeZrfD9HJLfJ6N38oAJJjzmG32GUGs1WpZAwAAEMAGAAAQwE033gSmT3H_____4wAAAMjIoQcAAEC_D4gKAAAAAACAH0GuZpv9A1Ah1mq1ut1Yq9UKWFCLxWAzgf____8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vD!eidc_vA!nonrv_vA!ufm_vG!ul145276-594_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a11c05dcd551d7b8ac4c8c3a542a04a3&gdpr=0
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d08cd4c9688de66e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Domain
trc.taboola.com
URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=11657&tvi50=9563&route=AM%3AIL%3AV&lti=deflated

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _statcounter object| AMP object| TRC function| _typeof object| _tblConsole undefined| msg object| google_tag_manager object| google_tag_data object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| onYouTubeIframeAPIReady object| gaGlobal object| googletag object| ggeac object| google_js_reporting_queue function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs undefined| google_measure_js_timing undefined| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| google_reactive_ads_global_state number| google_unique_id object| adRecover undefined| jqAlias object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| Criteo object| ucf object| request string| paramsString function| quantserve function| __qc object| ezt object| _qoptions function| checkFrameandInitStartFun function| processData string| nam object| placementData object| GoogleGcLKhOms object| cmTag object| _cm_wfCounters string| lastWfUrl object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals boolean| noPreviewPage function| io function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| clientJsFunction function| startCMTagMain string| category object| _google_rum_ns_ object| google_persistent_state_async function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| vttjs function| WebVTT function| videojs object| google_image_requests object| $jscomp object| canAutoplay function| videojsPlaylist function| videojsContribAds function| videojsIma function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| closure_lm_688448 object| closure_lm_521982 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| prepareAdRequest

186 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCTFg
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1696154057.C03B159C4EF34FF5AA7B7F5D603A5BFE.1.1.1.1.1.1.1.1.1
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1696154056.1.0.1696154056.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1391071136.1696154057
.statcounter.com/ Name: is_unique
Value: sc12918656.1696154056.0
.statcounter.com/ Name: is_visitor_unique
Value: 1696154056365136512
www.bg3.co/ Name: __AP_SESSION__
Value: 7d1b074a-123d-462b-ad6a-97402b077f88
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: bfc47d0c-2f01-4867-a017-523febbacab0
.prebid.a-mo.net/ Name: __amc
Value: 1_1696154057_1696154057
.rubiconproject.com/ Name: khaos
Value: LN7ABYR9-12-I51O
.omnitagjs.com/ Name: ayl_visitor
Value: e3fb81bac0b304f6b4a50af1b18e39d7
.quantserve.com/ Name: mc
Value: 651941c9-7f38c-f1515-4f899
.bg3.co/ Name: __qca
Value: P0-1527386353-1696154057343
.teads.tv/ Name: tt_viewer
Value: 0b6457e5-3d55-41a3-8fa6-4bac9c59608d
.bg3.co/ Name: __gpi
Value: UID=00000c8a101183c4:T=1696154057:RT=1696154057:S=ALNI_Ma3NgeRmv8dvqHIq607G1Sa48qfGA
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D7a625657-3ab2-4bc1-ac7c-cd6e672c20f6-tuctc12c749
.aralego.com/ Name: sspid
Value: ed900dee-41fe-3502-bf53-a889b034183b
.aralego.com/ Name: euconsent-v2
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUmgSFQ3RqCSsEKQoJO20G4ETNX4K_WwFNIFIvry1ziVNph1HlvC6my84MpC-tY
.casalemedia.com/ Name: CMID
Value: ZRlBytX2FjzeDy.4kC0mEAAA
.casalemedia.com/ Name: CMPS
Value: 2128
.casalemedia.com/ Name: CMPRO
Value: 2128
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxON0FCWVI5LTEyLUk1MU8iLCJleHBpcmVzIjoiMjAyMy0xMi0zMFQwOTo1NDoxOFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMC0wMVQwOTo1NDoxOFoifQ==
.yahoo.com/ Name: A3
Value: d=AQABBMpBGWUCEG060PHLeOc_8jsxLGYTd2IFEgEBAQGTGmUjZQAAAAAA_eMAAA&S=AQAAAtdo1YOSEuVEPIxigYInK1U
.bidr.io/ Name: bito
Value: AACLek7KMoQAABkYTfiLDg
.bidr.io/ Name: bitoIsSecure
Value: ok
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bg3.co/ Name: __gads
Value: ID=cdfb3616257d7050-2220817174e400ac:T=1696154057:RT=1696154058:S=ALNI_MazjjAhFr2Hb8cRzEXLvY5ms-u6lw
.linkedin.com/ Name: bcookie
Value: "v=2&0b641199-0872-4d8e-8efd-f1b728f4539f"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTYxNTQwNTg7MjswMjE4Y8Fgaqvw5qCwwIjvJ96MgDgJXoXe8BaY9BqAL5Aiig==
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2650:u=1:x=1:i=1696154058:t=1696240458:v=2:sig=AQEYCeM2rTN_W12Opd0QRG8BPjto1Xm5"
.tapad.com/ Name: TapAd_TS
Value: 1696154058853
.tapad.com/ Name: TapAd_DID
Value: 44fb4f4e-2239-4f6e-952b-418e741ad897
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1696154058.1.0.1696154058.0.0.0
.criteo.com/ Name: uid
Value: 90113fd7-70ee-4296-b7f1-83ab611747c1
.primis.tech/ Name: csuuid
Value: 651941cae9d47
.krxd.net/ Name: _kuid_
Value: P1CZih74
.agkn.com/ Name: ab
Value: 0001%3ANRDAzHgk%2BfQtkuuM29vIiZA0kItuAujo
.amazon-adsystem.com/ Name: ad-id
Value: A1mYJ0pbUknjm94qnRz6dbU
.adform.net/ Name: C
Value: 1
.bluekai.com/ Name: bku
Value: m3X991+OsVV+S3Li
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: b11f86dc8d32b200
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1696154059.1.0.1696154059.0.0.0
.adnxs.com/ Name: uuid2
Value: 7839568542138889334
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2C%5wVA:[!A#Fu.TOKKnyW<U1`VROYQM-:BD@Vm`VK*lS+(h@QOhiAADyzb_+BH'p/3ec/X%W#.wLP*6:R^]a016[gX68zO1Q0WRLD@]'O0L-91CX)@'s>TCv?A#
.adform.net/ Name: uid
Value: 5103897635273492050
.adform.net/ Name: TPC
Value: 1696154059498
.openx.net/ Name: i
Value: 4628d45c-0844-4ec5-81d7-2d89b9811f43|1696154059
.uuidksinc.net/ Name: jcsuuid
Value: WzKetwFjo3bh0YVTVzDY
.360yield.com/ Name: tuuid
Value: 5e030f12-83ad-4c7f-a181-1dce042bb645
.360yield.com/ Name: tuuid_lu
Value: 1696154059
.tremorhub.com/ Name: tvid
Value: d2319318ef0549e39fb51a50a951edab
.tremorhub.com/ Name: tv_UIDF
Value: CAESEEM7yASVq7tjf9d_3pSNkFM
.tremorhub.com/ Name: tvssa
Value: 1696154059882
.3lift.com/ Name: tluid
Value: 704275058422284454536
.lijit.com/ Name: ljt_reader
Value: HaZyvGZHzu9H2AHGSUuXnlbK
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSMrI0tTAwtTQ2MTQyMDMwMjY3EOIz1E22LMwxSTX1TPFNSgYA8gIffCQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSMrI0tTAwtTQ2MTQyMDMwMjY3EOIz1E22LMwxSTX1TPFNSgYA8gIffCQAAAA
.bg3.co/ Name: cto_bundle
Value: _qSVoV9GNUhkVVZ3M0kyTUxucHc1dlVNNCUyQlZocU5TNTh2NmE4TUwyN0doTVpPd3JRaGM4c2ZxSEJ3NmVlSVhtaU1HbEtmNVk2dVUzRXIxbmV1JTJGenp5S0pUa0s3WUQlMkY5MDJXZ1ZHb0xzWGglMkJxeThSTEtuWFBTRzJ2TXJYJTJGNGhtbVRmTmlFTkZuV3dJZUNJRm9iUU5iOTVLbUxBJTNEJTNE
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-01T09%3A54%3A20%22%7D
.openx.net/ Name: pd
Value: v2|1696154060|gen0vNvQiygu
.servenobid.com/ Name: pid_337
Value: y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
.servenobid.com/ Name: pid_339
Value: y-IP62vcJE2uHnsEeSupA1S.7eG52o8P7kWGtNwa4-~A
.servenobid.com/ Name: pid_312
Value: 7839568542138889334
.servenobid.com/ Name: pid_333
Value: ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.sitescout.com/ Name: ssi
Value: 92e12682-810f-475d-975b-6d4183e87980#1696154061179
.gumgum.com/ Name: vst
Value: e_e29ab133-f973-4979-8d78-863b132e5796
.creativecdn.com/ Name: u
Value: v7gPyH3Westtr2R5pbhQ
.creativecdn.com/ Name: ts
Value: 1696154061
.servenobid.com/ Name: pid_310
Value: HaZyvGZHzu9H2AHGSUuXnlbK
.servenobid.com/ Name: pid_353
Value: 0000EEA
.bidswitch.net/ Name: tuuid
Value: 576f0248-979e-48fc-b6e7-4906c8e35707
.bidswitch.net/ Name: c
Value: 1696154061
.bidswitch.net/ Name: tuuid_lu
Value: 1696154061
.turn.com/ Name: uid
Value: 3848987879357663383
.servenobid.com/ Name: pid_324
Value: 295805934120602370
.ads.stickyadstv.com/ Name: UID
Value: 56f5c1f5bf51abfddb1d108886a19b3d
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZRlBytX2FjzeDy-4kC0mEAAACFAAAAAB
.servenobid.com/ Name: pid_309
Value: e_e29ab133-f973-4979-8d78-863b132e5796
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003%22%7D
.brand-display.com/ Name: _knxq_
Value: 6dda1867-4b27-a4dc-7638f403.1696154061.0.1696154061.1696154061
.company-target.com/ Name: tuuid
Value: 319def23-936b-4aad-a86a-d1adbf10801b
.company-target.com/ Name: tuuid_lu
Value: 1696154061|ix:0
.minutemedia-prebid.com/ Name: wrvUserID
Value: Aig_HIjzkp_mm
.richaudience.com/ Name: pdid
Value: 0804a3b5-3a9f-47a9-bd60-1zz1696154051
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F714E430-EB22-41F3-8594-D44E33ED515D
.pubmatic.com/ Name: DPSync3
Value: 1697328000%3A245_241_235_201
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRlBzQAUi8ogdAAb
.contextweb.com/ Name: V
Value: ZysGJGiHh59B
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3f66c06aa1299b4a
.servenobid.com/ Name: pid_348
Value: Aig_HIjzkp_mm
.quantserve.com/ Name: d
Value: EMwBGAGKKvijCJiTDsroEA
.smartadserver.com/ Name: pid
Value: 8565809872872338097
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NjE1NDA2MTM4NSwiMjQiOjE2OTYxNTQwNjEyMTIsIjM5IjoxNjk2MTU0MDYxMjEyLCI3IjoxNjk2MTU0MDYxMjEyfQ
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003%22%7D
.go.sonobi.com/ Name: __uis
Value: b76e92d8-5d36-43bc-aaf2-03021a9438c8
.go.sonobi.com/ Name: HAPLB8G
Value: s8683|ZRlB0
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 4bc18ecf-028c-5212-8271-5027e76811ea
.betweendigital.com/ Name: ss
Value: 1
.servenobid.com/ Name: pid_316
Value: F714E430-EB22-41F3-8594-D44E33ED515D
.servenobid.com/ Name: pid_317
Value: 8979950707114701487
.admanmedia.com/ Name: admtr
Value: e428bd8c-4627-4b4b-bcc9-2e3b89a89be0
.dotomi.com/ Name: DotomiTest
Value: 43ec2ef0fa51170a
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~2e89:175w~2e89:18z8~2e89"
.richaudience.com/ Name: avcid-apn-uid
Value: 7839568542138889334
.ctnsnet.com/ Name: cid_9cd5f6aa15fa4630a78426cf3c3514ad
Value: 1
.yellowblue.io/ Name: wrvUserID
Value: T8P_TUj-Cp_s
.weborama.fr/ Name: AFFICHE_W
Value: 5kDtxeBtQQ3m96
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.betweendigital.com/ Name: ut
Value: ZRlBzQAGqwgmFDdgp7Ko9sxv1inZZLE_tUk4OA==
.servenobid.com/ Name: pid_321
Value: RX-90e355a0-243d-4d00-bf94-671ecd6f796f-003
.servenobid.com/ Name: pid_332
Value: b76e92d8-5d36-43bc-aaf2-03021a9438c8
.adfarm1.adition.com/ Name: UserID1
Value: 7284926220982155411
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_7ea79770-6040-11ee-9fce-121a6d1d7927
.servenobid.com/ Name: pid_328
Value: e428bd8c-4627-4b4b-bcc9-2e3b89a89be0
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-16c69828-64ab-31fa-9b6f-1badcbb2dd03
.simpli.fi/ Name: suid
Value: BB6D117B05DF416BAD0F1A660B9DFF2C
.servenobid.com/ Name: pid_352
Value: T8P_TUj-Cp_s
.pubmatic.com/ Name: SyncRTB3
Value: 1698710400%3A203%7C1697328000%3A214_251_234_254_166_161_81_56_165_55_176_264_46_54_71_13_22_21_249_3_233_8_220_238_204%7C1696723200%3A15_2_223%7C1697414400%3A35%7C1696982400%3A63
.csync.loopme.me/ Name: viewer_token
Value: 311b3421-666f-42e7-89ed-c87193eb3e55
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: a11c05dcd551d7b8ac4c8c3a542a04a3
.de17a.com/ Name: guid
Value: 1.8548314120831880462
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ&KRTB&19420-bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ&KRTB&22979-bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ&KRTB&23403-bEBwkW5EIpF3QiebYhZszmtAcJ13QSeQY0zlYkJZ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEClaJIBvbieIG9Db4R6dKEM&KRTB&23025-CAESEClaJIBvbieIG9Db4R6dKEM&KRTB&23386-CAESEClaJIBvbieIG9Db4R6dKEM
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-295805934120602370
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-92e12682-810f-475d-975b-6d4183e87980-651941cd-4348&KRTB&23418-92e12682-810f-475d-975b-6d4183e87980-651941cd-4348
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7839568542138889334&KRTB&23339-7839568542138889334
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5103897635273492050&KRTB&23263-5103897635273492050&KRTB&23481-5103897635273492050
.pubmatic.com/ Name: PugT
Value: 1696154061
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHtenYgjY_-ANvZMedAAAAAAA&KRTB&22713-AAAHtenYgjY_-ANvZMedAAAAAAA&KRTB&22715-AAAHtenYgjY_-ANvZMedAAAAAAA&KRTB&23519-AAAHtenYgjY_-ANvZMedAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3848987879357663383&KRTB&23150-3848987879357663383&KRTB&23527-3848987879357663383
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7284926220982155403&KRTB&23369-7284926220982155403
.adx.opera.com/ Name: UID
Value: OPUc214cf7a96314076b8420558a1f0d478
.smartadserver.com/ Name: csync
Value: 127:AACLek7KMoQAABkYTfiLDg
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1n64|7dN.0.AACLek7KMoQAABkYTfiLDg|7bq.0.1
.adsby.bidtheatre.com/ Name: __kuid
Value: c3696341-529d-41a2-b836-345bcc34c428.465368061
ads.playground.xyz/ Name: connect.sid
Value: s%3AzwRyfXlO_mIeIwG8N-H_HaueIVNFZbsM.BwJDMMkwL5KunT42jiB8OAEcdDNvyaqmMQD%2BseRNWKU
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUc214cf7a96314076b8420558a1f0d478&KRTB&23485-OPUc214cf7a96314076b8420558a1f0d478&KRTB&23524-OPUc214cf7a96314076b8420558a1f0d478
.mfadsrvr.com/ Name: tuuid
Value: 7770044e-8f11-4e3b-85f1-ab29f21dabd9
.mfadsrvr.com/ Name: c
Value: 1696154061
.mfadsrvr.com/ Name: tuuid_lu
Value: 1696154061
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8548314120831880462
.liadm.com/ Name: lidid
Value: a9c884ec-1011-4329-b80a-551bd1c5ac42
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1696154061
.outbrain.com/ Name: obuid
Value: 8c981142-19c0-4075-8716-eeb76dd0f496
.zemanta.com/ Name: zuid
Value: atWLoKkMLzw5YkcuBW4L
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqoUaCaU2Ds7FqbBgMWySGKnddJL2ro259nQzSmeaMh0S8/kmTTCk80oE2BbxUEbdUhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.pubmatic.com/ Name: pi
Value: 0:3
.us.ck-ie.com/ Name: CID
Value: fbad0d7f4cd156bb2802f10fc972fa876329a1cc
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-576f0248-979e-48fc-b6e7-4906c8e35707
.ipredictive.com/ Name: cu
Value: 9b60f9fc-cd11-4cf1-aedd-4c7e6c5125ef|1696154061641
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c070b215-1837-5379-4f20-88ccc3bd1025.87a3yXxqCCjC6C1DerEXX47DXGajEkfOsZ1Nh2owFkU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c070b215-1837-5379-4f20-88ccc3bd1025.87a3yXxqCCjC6C1DerEXX47DXGajEkfOsZ1Nh2owFkU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AwHCyFRg3U3lPIIjMw70QJS0M3q0.6kCnrCOLi7i2yGS7PrGwRpQgwSD2FL7EeVeWnBx7%2B4c
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AwHCyFRg3U3lPIIjMw70QJS0M3q0.6kCnrCOLi7i2yGS7PrGwRpQgwSD2FL7EeVeWnBx7%2B4c
.servenobid.com/ Name: pid_323
Value: LN7ABYR9-12-I51O
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACLek7KMoQAABkYTfiLDg
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-wHCyFRg3U3lPIIjMw70QJS0M3q0&KRTB&23334-wHCyFRg3U3lPIIjMw70QJS0M3q0&KRTB&23417-wHCyFRg3U3lPIIjMw70QJS0M3q0&KRTB&23426-wHCyFRg3U3lPIIjMw70QJS0M3q0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.technoratimedia.com/ Name: tads_uid
Value: GDPR
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGhXnDVJspta_aKRJPISpX6pEXBnhSu_irivGs5OvRRqEHwYBCDNg-WoBjABOgTwi70wQgQTQKXd.p6UIEihRSEpsyI83fgDF%2BefGPY9Hr3UK%2B%2F4e2xuJLIo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGhXnDVJspta_aKRJPISpX6pEXBnhSu_irivGs5OvRRqEHwYBCDNg-WoBjABOgTwi70wQgQTQKXd.p6UIEihRSEpsyI83fgDF%2BefGPY9Hr3UK%2B%2F4e2xuJLIo
.tribalfusion.com/ Name: ANON_ID
Value: amntmIy4ZawFBA9MAIAno71GBdSZdjMFGbfsxCZdwPkkFH19yZb9OxqUodTZa3MX7wMJ4UGKuffaPM51qkl3JFgey2h5a
.smilewanted.com/ Name: sw_user_params_infos
Value: 4tWl6Ojuzst335PK%2FpGFNOJ3Vus%2Bt93HMTcP%2B3EsAS1LjbFHjMGOlwJ5BryvjTKQZa843sPbd%2FuoI3b4QjNJ%2BrWVg7B0rmYGLSVD7dOJZL74MZsEpkt0FmBPiwzKNHrJyAe3VFzC3Nd0hH3x%2B01Aufc7eu7X1ifRP6x%2FtBx9DOSgAI5y9ObA%2FptNjb%2BKZY2BL2jTZSJaQfPkP7pRIV3TDcv2a9%2FSSTPdB%2FpRhgLrMtYHe8V9pnRM0CYBlwdT8puQVZki7setpDGZaswMIqlU1tcPCEByEgGMnMEBm1cU%2B9PAXRyrl4%2B5fIzZahwHOC%2Faa%2Fxq%2BJo%2FsjIFiUKdHMW9t%2F6YIxBlhbSHo10MbdYPMve6sL%2BAiKPEs4yDnuDnFd7dN7WCXPZpw%2Fx0X1AtyWktPWzWUnR%2B4ssrvtyIzaWl6JY%3D
.audrte.com/ Name: arcki2
Value: 81hrr3WBzPmREeiqWVAG-KrLg!20220908!1696154061802!ip#45.12.222.173
.audrte.com/ Name: arcki2_pubmatic
Value: F714E430-EB22-41F3-8594-D44E33ED515D!20220908!1696154061805
.rezync.com/ Name: zync-uuid
Value: a795d549-ea2a-4d25-87d7-c429aaea30b8:1696154061.8931248
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBOw5AQBAA0EblDK4wYsbsZ3QbWZWKRLTD6myUROnk3isr7EOcYwzX-fAC-R1o0jyuukC4v8KpE5MMCxxKCpzIgHfJwc4kqoe2zeY7tGLRcGOx9tIisf8BMak3plgAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dXXMz6kwCdPNrXIzCkrM9YlIDNN1LA_iNTSzNDM0NTEwMzCwNN7EiOAbGptbvGJEkTeZJGyeaG5pmmJqYqmbmmiUqGuSYmSqa2GeYq6bbGJkmZiYmmhskGRhhTBEz8LS2NDIxGKWMMIkIwMDk0WofNNT4kg2G1oYAgD1cEH_twAAAA
.audrte.com/ Name: arcki2_ddp2
Value: 81hrr3WBzPmREeiqWVAG-KrLg!20220908!1696154061968
.socdm.com/ Name: SOC
Value: ZRlBzcCo5tEAAFB4Lm0AAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNyjsOwyAMANC7eA4VGPMxl4nc4AG1oVVIlka5ezM-6Z0wf3VbpWvfoezboRMs73ZrQDlhtN-qLyiAHLIN7MmhjRZ9snBNMHSM9ulzq3eRxKEGYqOCYqhiMDnVZBZCFlHx9pmLixxdIBvdI7N3SBmuP5M1JZQ.ZRlBzg.7njj4fORpDY2gyIj801ouhA-y7Y
.audrte.com/ Name: arcki2_adform
Value: 5103897635273492050!20220908!1696154062151
.rlcdn.com/ Name: rlas3
Value: MzeP5SVzxQr6WcFp9pqDwgJxZ851nBrPMOoIXcrDF6w=
.rlcdn.com/ Name: pxrc
Value: CM6D5agGEgUI6AcQABIGCLrqARAA
.pubmatic.com/ Name: SPugT
Value: 1696154062

37 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/e7eb61fcc7ea1f06b2a72c40f8f8fbdc.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/0e2424ea71a504ca314d0c381dba894f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/1bfb9e85f5fbd815a3ca7e0c300cea73.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/11ee01128642dc85086008c0801e13c1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/317223c721bd8a51206a9d31e3cda518.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/90365ec27911f1661506eef194904f8f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/408e6ebf7d0fe0e81ee9eb1a0c5f2c29.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d35f2352a21e5fdaced3df335fad6d6d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3053d4a4ad3d0e40a78553b0de60d06a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/779ec41e9438d87926769f12873d32b7.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d5ad1b9156601ced92f13f6df35b7052.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202104/3eba5a515f75e890a81e6a9bdcb604af.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9101b6b4693153d7825cf1cc776b18c5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/8da9833ad429efbe52a79d754f304da3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5cff97f17eb09556dc07f72cb0ae4850.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/063c032fc0dc20ad28c3229fd90ca4d3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/6cff1431aea567b0c63630bd4dbf0ffa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/cc7234c943917554171c4c25c848cabd.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/f0102cabb87464e7b6f48cca1e49ff28.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e933ed26638236f65c323964af576d2e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b71a4a711c299a8e4f586c3245c9e2a8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/d5f1b6cb4a482f493e942466749b5a13.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/59287d9c0336408b8bcc0db3a61bcd65.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/eceade44c20edd4043db93443a6e84f2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/15be1da2f14a55cd4ca10ed3cf0f9238.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d309d5c82336847fa3e59b38b799c38e.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/50e6bfe24f8c528de829b9c6b124a8c2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c98665426b0cb0137e55a24db4c50570.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvYW8tc2ktcWlhLTk0cGluZy16aGUtbXUtc2h1LW51LW5pYW8tZHUtc2hlLW1hLXlpLWppbmctZGFvLWRpLWJhby1jdWktbGVpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/474599.gif?partner_uid=0b6457e5-3d55-41a3-8fa6-4bac9c59608d_ch&cv=&_t=1696154058658
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 7)
Message:
Mixed Content: The page at 'https://www.bg3.co/a/ao-si-qia-94ping-zhe-mu-shu-nu-niao-du-she-ma-yi-jing-dao-di-bao-cui-lei.html' was loaded over HTTPS, but requested an insecure script 'http://delivery.selfcampaign.com/b/63472.js?provider=adform&unix=1696154060'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://static.bg3.co/imgs/202105/6f16eb8cc6e272a3cdc80bf0bcd5fa0f.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

45f24457e91ebafed2a4bebb122fd0bc.safeframe.googlesyndication.com
69e345c1cc2d35f8c4bfc775055862de.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dclk-match.dotomi.com
delivery.adrecover.com
delivery.selfcampaign.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900016.redintelligence.net
hal900026.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
live.rezync.com
loadm.exelator.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pro.ip-api.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
socket.unibots.in
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
t.teads.tv
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
vjs.zencdn.net
wf.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
am-wf.taboola.com
cm-supply-web.gammaplatform.com
delivery.selfcampaign.com
pixel.onaudience.com
static.bg3.co
sync.crwdcntrl.net
trc.taboola.com
103.231.174.251
104.102.35.84
104.18.24.18
104.18.26.193
104.18.27.193
104.20.218.77
104.22.69.131
13.225.78.123
13.248.245.213
138.201.220.30
138.201.8.249
138.201.84.244
139.144.5.218
141.226.228.48
141.94.171.212
141.95.171.141
141.95.98.64
142.250.185.102
142.250.186.66
145.40.97.67
151.101.129.44
151.101.130.49
151.101.65.108
151.101.65.44
152.199.21.70
162.210.196.208
173.231.181.122
178.250.1.11
178.250.1.9
18.193.11.140
18.197.134.14
18.66.97.120
184.30.21.51
184.30.22.30
185.106.33.48
185.184.8.90
185.255.84.150
185.255.84.152
185.64.190.78
185.64.190.79
185.64.190.81
185.64.191.210
185.86.139.102
185.89.210.212
188.166.17.21
188.42.196.115
193.0.160.131
195.5.165.20
198.47.127.20
2.19.126.143
2.23.197.190
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
211.120.53.203
213.155.156.165
216.52.2.16
216.52.2.39
23.212.211.47
23.212.88.20
23.212.89.35
23.35.236.201
23.88.86.2
23.97.225.52
2400:52e0:1e00::1049:1
2400:52e0:1e00::1079:1
2400:52e0:1e00::860:1
2404:6800:4004:828::2003
2600:1f18:24e6:b900:1f91:c35:2fc1:60fb
2600:1f18:612b:4264:e516:de95:b7c5:dc6
2600:9000:2131:3000:1f:4c18:bd40:93a1
2600:9000:2437:5200:1a:5235:f980:93a1
2600:9000:2437:5400:6:44e3:f8c0:93a1
2602:803:c003:200::45
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::ac43:db6
2606:4700:20::681a:567
2606:4700::6810:5814
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:fa8:8806:16::1400
2a04:4e42:600::649
2a04:4e42:600::729
2a05:d018:d29:3601:970f:dde0:5c57:1e8b
3.123.45.150
3.126.162.124
3.127.97.70
3.220.73.209
3.33.220.150
3.75.62.37
3.82.132.167
31.220.27.134
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.160.19.107
34.198.233.93
34.247.205.196
34.249.177.138
34.250.19.175
34.253.57.114
34.96.71.22
35.186.193.173
35.204.74.118
35.214.130.201
35.227.252.103
35.244.159.8
35.244.174.68
37.157.3.20
37.157.6.233
37.157.6.236
37.157.6.243
46.228.174.117
51.77.64.70
51.89.9.253
52.0.248.85
52.202.131.94
52.215.100.89
52.45.228.151
52.45.97.130
52.46.128.147
52.50.109.207
54.154.110.236
54.171.66.116
54.72.115.16
54.77.142.1
54.78.254.47
63.35.206.11
64.202.112.223
65.9.95.105
67.220.228.201
69.166.1.34
69.173.144.137
69.173.144.138
69.173.144.139
70.42.32.31
77.243.51.122
77.245.57.72
78.46.23.46
8.18.47.7
8.2.110.114
8.2.110.24
8.43.72.98
80.77.87.166
82.145.213.8
85.114.159.118
88.99.65.215
95.101.148.20
98.98.134.242
0084510e182b973087940eb0cdae2f87b1165a3082bb87bd6db73a2ee8800ad3
010e75d6be03368f6ac396722adc361e381ea8d0bff95476c254a92a7703e21a
011b857732e7727f79e0365e2df79fcad55e20c37150cf467741de8fb6a844b4
01298b5a9e9f40f2c0143f2ba18bcd96bfdf10127bfa4e05509a697eac7ece11
0184c504cb17eca263d2767e44a9c32662cb60821d2744411e70e6c26816a67a
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
042dbdf4daef7d343987ebd3d9e397319bd6ada5378b67b0aba3ed5bfe028925
045c5f2e8e08bfe52f3bf59816ae01cc3989ea4712bacf74eb3ae4a8ecf99606
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05d08270ebc1472611db60cfea197498daa929470e078cce5c48639d3df234f7
0664f1a5c21f1d413d8be86a5f116e6d8ad1a59eeac6b72ebbb368dcfad7ef43
06c8fdb5d3045a132027a555e625a11f9a42bc225e93347ef645ee5beabb405a
072855eaaa1382d69118efb9ad218d835e3f274ddd465f9f270b7f0876bf0af4
0862d26a0d1d85dc8261ebaf0ce3f851e826902d6304eabc79b3abea2cb4dafd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
11970b738fc4cd719bf769ec2dc46cd095d4cee7974a578cbb467fd6aa80ff92
125abd02e7e26bfbbb3638931f04b0afcd1d70a18dcc12bd10f7e8491258c90c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12f671dc70e03fd34ff707eee40017714886632aeae47cd8e581517e79caaf9b
139518ebc466fc53d6f7580c4dbda30ddd1f6de47d0ecacf9458a427380a335a
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
144f1ff96e3ccc95f0cad3f40e8537b014fde1668913b51c96e951bdc8756d72
15758c2db662873dccb219dd54528a4f11a8408eb7f32ef06a7bf402bd57d773
16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1a9e8c14538bf3d3f332d91916f841dc3a44889b158e373f65a374f7d37e640b
1abf74259a5ac7318cb29bf964eef04913224ae7a56cb04f64a8e0084b741418
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1efe4c58e023e3413e573feff7ada9e719a752d8fa4fec36c2847c7a4be9dcc9
20639d64ec168737e7f300a86c4eb7cde60c427523804b4aa3211a8b69b1fbf7
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
247d8aadace8960f49bb922060335d39479181bd58d5039afaa0100fd3a0bcc1
24aed6defe9f19121db78ce9f0c850d9df8844e3bb14bb4fa09a5efd5ac6004a
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
29df9123bb1d402fdd8875cd35e5cc9e21f6f082a7870d1f8f38899db47c259e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2bc6c7d97d90fadf832441b3ed00a3750abb16904e24be0e4d53a5652ad5997e
2c521ecf975c872bb8958bef3dc6df89b7f14373128e8f7dbf54b4cce8a408a9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8b7faedeb1ea3bfb7cab65e670ae1cc7e9e9a83bd021433a75739cc3f81774
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3276ff37f3543bd6d4c95c7156273fa1bded3f279f8c311ff53ce605c54e0c5d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32af3ae0a6d10be15af4a0c6568741621abdf7a47d937b033548d20d4cdd7ece
32e7ebeb35c190a8014c62673e0d81e8fab28b27b2b8f74a71f73dab5aa62c69
3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
3568f85c0725b99d2496f15ecce533eee9e324acd15b7bc65a5dba221f9d6a21
358cde51e2732f6a5b501c7ce56dc9b141bded58d4732a5d7f31cb62fac48d12
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36790f007497543bb12c8fcfbf547b038ed0507336e3fc1613ef58683e86be33
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe
3b12cb7b9d35cd9b173edb4230119c2422b5747eee4171cbf34ab8f27903d5a3
3b3a79df7bbee5141a6ec36cc17ff8afb63a175118f48a01474b28bf9e31cda6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dda4b612b71837af80704cfd117ba93f853a06de5d8ce91b9611109f5f20ff9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405aa03cc97dbedfcc463d41e88b556d4f59ff6fae6b2422026e45fc802c2db8
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b0d8b45412dd1ea7abbc908100165b57b889020dee801a7b93ada264fd7a89
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
4a3f9d24c2bc8ebbba07d620ee0211f8196f624fa139869d167283a3332accf6
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d125e5fb23f88aa16c0df9b801c7a0820135c7fbc7628bd57e7bcf4989d8b1a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f8adae2bed7f184712dc52d0479c5519550ecb71fbec57cf4d780e1daca3fbb
5013f3a57eb362b74aaeee0c64487c7a641ff3abf1835af376464cd1bdac5207
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51875d1f0cd0edb7ba2a1df7a32c63f5a55b14fda5bfa3e10e90c38dd8809b23
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5557ef8cb4dd63b5219c8e7f8a6feb6d65157d0b817d4a7c8b69bd69d6a35aea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5a4667671f2519311d4d65e49dba3f85ee7cb20e78751c14c456886c68f634d0
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d66a14dc88b2faaa63c6f613ff517dca234caec6572535d0df54ca600fe7d52
5f7ffef8f085a2c56250bba51835fbb0d64cd1f1b1c898e88179d8febb1fd62a
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
615947c339cca9d84c11e4135c193b6863fc92eb2b2718f4960e04575d628216
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62af0f0e9c56a9df4e8fb2b27152659788f810e79d41318427b3b79a728e7a86
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
663c805bbf4171bf0a11196eeb5663b37d3c81cf773900cfabc4b307f0fcaa1e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
67c8d8003bc0741220785a7d57d2db612a706276388204fa25382986ccce40eb
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6903fd0e2d5bc3f49e1de66ca3de89cab3acd0bdc3e6d8a18114eadfcb1d8915
69cc2eb6270df57d2eec23d6dc73d9c8baeb45abde821608ec4016ceee0c1de3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b8d375723ca101d2d8db1a996bddc6b96e0556e7dd32c2e4aaff1cebcfd5db4
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
713fa9426a7aa6b698e13aad76a65d0f49120d6e8eecd76455b0d68640927f3b
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79bbddd0120a0f82c9981a77eb96848f5ab845e72c70fd92e54fc10698b8827f
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7d01ed74362af887d7c0d8a940a42773d2866fde76b8d53620218619ffc66cb4
7d9f6cdc72459fe781e474e3f20f8e571bdadd848477b35290aeaef14984920e
7dbe24ad3b6d2edf03c7bd53610828f317ae7dabe3e98e269389c8a521278265
7e51fbbf85baa6453dd65f6100a02acc1b6753b09391a0d3f9c72fbfdda0e9d1
7e8e93a07c22b0beb4570abe4254a8e6072e6458e39ef47b346699b3292ec53e
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
81b95dbb523b8353be1d60639be743753a831e8f8e4cdbe0462d5bec18d96712
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
866018151da9573f1a1a27f72db28272d0a26a4a0bbae2f3e9c4a5e9a87c6ad1
86da27425eadef5e7cfe8652d3168d6260bd12706bd09304ed0ef8d6f4bd95c7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ceed09defdba709811ccf53273572667dbd45ea05d51d2744954d185e9dfd90
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
8fa8ca1b3e0d637a296c80d93790f00bdd5de7fdda38babe8eb93be7ceb2c3e0
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
90fa48c6351b033e32f1772a351f84981eb113b166ad8bfc4e54f8b6f47e00f5
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
924f55efbbdb95057902d2ac0af0ef7cfb00b167399aec9ed37f5352414ed63e
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d3c3b14989fff6ff78794c4e9563df6431537b5d4646b02e92339586754888c
9f9872c92f4d1288d8f13c559b33b97257040baa8e87f030c03753442bb7f423
a002220b72087220512f456af8b863a01340541c1ab31298bd485317cd32584e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a782e94758a1b2ef3290035f32ef4415e53284d7f7c6bdc540f66fcf67377925
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
ade60f9c0549db403e2b5b7a5efdf8d71fe1b022afb0b2044716067f41590e40
ae9f324d6761e247bf6afddd903ac98c3723814eee5626b7827e2c7438ace35b
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5333f10a6cd01688e856436a2cec8999da9fe005a6c1ca2fabd59e0ac21e30f
b60b0182287c737c56da3e2d3d201a5fd23c492e64a97f8456fff803f800d3a5
b6935fd190a45ea93455396cdf39b4de524d53085fce0d1d12d71b28a015b80e
b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bdb89ce18b6570961db3a4118d6abe4369c1511dbd17f5c818b750268ab975a4
be9a8df846b7ee6cf588a71b54efe0d8b9d6fe9ad0f97414ad63ad297b121146
bf86ad8e626a8b1e34f895b05c6511929ec3c7b42a0c6a838b9123b06467b7d8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c42711787187e464b92b1f7d7c054dc66d3d2b61367dbb113d19d85d0b5878f3
c4b5972951f1b2a2daeecd828eec88b97970825e71b314b1f2a04a73a14784d2
ca2b07f9446d0ceac360b211f13c61a71c5ec6e232ae0d28c43dda06221486d0
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ca5cc7635adb919849a168cefccd2d840c90910988a104f8e91d33763b3b49d0
caf6614d7dd284632bd2d812f9134eb084c04feb0bdd5d4de973f75c3e24ecd2
ce15bb918722954d1ad3d4cda4f31217857dd009a83455f659a322601ae76304
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d40c46f151ad280dc12a106cb11b28a2eefae19278d85ecf894ca7dd21643cf1
d4ad80d7d73b7f24ebf06c45f0c0440cb9be0f663436a81dd259d4706d1e03a7
d51b60a081fa9022123494a4d513c6a1c125ecba10def7d3bf2ed140c2c4990e
d71e93ba8c6365cb7a7d9dbad18b90bbbff488cf7b75780a787aefdac2613816
dad1a8fe69fc960c968927b2a97345d3ec565cdcf110cd312a3bff5d3d9d6f5a
daeaceae7fd7857280ab71af9b6926d9a2d24d0b6b78ef5d713749e741a99224
db0c389727869d191dd14654439c1a1e7ec177a45c1ae3a4fabe949ac6f33694
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007
deec187383282cfacaec68f31e844621df5bc03efce6550768ab2943847840d4
e08f7e9f6ae30abe3a4bbad4c5c8df2735a5ad29b1f42acea863affb94a1f549
e30271f2cc06f1a955536bc859f6fe812e9254ec4f4e925471bfd6833b6fe751
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
efb344dea9b4a69e32922668563cb102cf93a21fe2b83db3e679107ceda5e57f
f56bc825839f62fe7b2597768b08fa433e8ad2e02db872cface67b4821ffe034
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cca96cd106699d8f17ed674c6a17a62c26ff33303c66394d59979946a2c161
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
fab25b903a6cce20bf3be041967945c63bc3d9af152af08534728c27100ee3b0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e