urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng...
Submission: On November 15 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 131 IPs in 15 countries across 123 domains to perform 583 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
6 152.199.21.70 15133 (EDGECAST)
40 151.101.65.44 54113 (FASTLY)
1 2 192.96.203.13 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
13 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a04:4e42::649 54113 (FASTLY)
4 2001:4860:480... 15169 (GOOGLE)
2 2600:1f18:24e... 14618 (AMAZON-AES)
7 23.97.225.52 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
4 7 2620:116:800d... 16509 (AMAZON-02)
1 3 162.210.196.208 30633 (LEASEWEB-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 12 185.89.210.244 29990 (ASN-APPNEX)
1 3.126.136.176 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
8 24 104.18.36.155 13335 (CLOUDFLAR...)
2 5 147.75.84.158 54825 (PACKET)
18 54.77.250.56 16509 (AMAZON-02)
1 18.157.98.129 16509 (AMAZON-02)
1 2 52.19.228.53 16509 (AMAZON-02)
3 51.89.9.253 16276 (OVH)
15 104.22.68.131 13335 (CLOUDFLAR...)
1 5 35.186.253.211 15169 (GOOGLE)
1 95.101.149.35 16625 (AKAMAI-AS)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 139.144.5.218 63949 (AKAMAI-LI...)
1 2600:9000:223... 16509 (AMAZON-02)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
3 222.230.178.130 2519 (VECTANT A...)
4 2a00:1450:400... 15169 (GOOGLE)
3 3 23.56.202.187 16625 (AKAMAI-AS)
10 184.30.22.30 16625 (AKAMAI-AS)
12 15.197.193.217 16509 (AMAZON-02)
1 65.9.66.83 16509 (AMAZON-02)
17 185.106.33.48 200478 (TABOOLA-AS)
4 151.101.1.44 54113 (FASTLY)
1 51.77.64.70 16276 (OVH)
5 9 69.173.144.138 26667 (RUBICONPR...)
11 14 69.173.144.139 26667 (RUBICONPR...)
16 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 43 142.250.185.130 15169 (GOOGLE)
1 2 2620:1ec:22::14 8068 (MICROSOFT...)
2 5 67.220.228.202 16509 (AMAZON-02)
5 9 2a05:d018:d29... 16509 (AMAZON-02)
2 5 52.46.128.147 16509 (AMAZON-02)
5 7 52.210.96.209 16509 (AMAZON-02)
2 2 54.156.137.107 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
2 3 216.52.2.16 32475 (SINGLEHOP...)
3 3.126.228.123 16509 (AMAZON-02)
1 2a04:4e42::729 54113 (FASTLY)
2 142.250.184.230 15169 (GOOGLE)
2 138.201.84.245 24940 (HETZNER-AS)
9 141.226.228.48 200478 (TABOOLA-AS)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
5 222.230.178.132 2519 (VECTANT A...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 5 176.9.26.250 24940 (HETZNER-AS)
1 5 138.201.135.164 24940 (HETZNER-AS)
4 5 3.75.62.37 16509 (AMAZON-02)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
2 2 3.69.152.80 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
3 3 69.166.1.66 27630 (AS-XFERNET)
2 3 2.18.160.23 16625 (AKAMAI-AS)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
8 9 18.157.99.226 16509 (AMAZON-02)
1 2600:1901:0:e... 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 88.99.69.161 24940 (HETZNER-AS)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:400... 15169 (GOOGLE)
15 2400:52e0:1e0... 200325 (BUNNYCDN)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
7 8 37.157.5.133 198622 (ADFORM)
7 7 46.228.174.117 56396 (AMOBEE)
1 54.65.50.241 16509 (AMAZON-02)
3 3 82.145.213.8 39832 (NO-OPERA)
3 4 34.91.62.186 396982 (GOOGLE-CL...)
2 6 185.64.190.78 62713 (AS-PUBMATIC)
3 4 13.248.245.213 16509 (AMAZON-02)
1 159.203.145.121 14061 (DIGITALOC...)
1 2 23.32.185.35 16625 (AKAMAI-AS)
4 17 35.244.159.8 15169 (GOOGLE)
4 6 133.186.12.14 10010 (TOKAI TOK...)
1 1 222.230.178.29 2519 (VECTANT A...)
1 1 139.162.38.30 63949 (AKAMAI-LI...)
1 141.226.224.32 200478 (TABOOLA-AS)
5 2a00:1288:80:... 203220 (YAHOO-DEB)
1 34.102.196.122 396982 (GOOGLE-CL...)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 23.35.236.188 16625 (AKAMAI-AS)
1 13.32.27.99 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
2 54.220.165.75 16509 (AMAZON-02)
1 2 185.86.139.93 201081 (SMARTADSE...)
4 23.32.184.192 16625 (AKAMAI-AS)
10 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 54.83.246.219 14618 (AMAZON-AES)
3 216.52.2.30 30282 (AS-INAPCD...)
2 2 2001:678:cb4:... 56396 (AMOBEE)
5 5 193.0.160.130 54312 (ROCKETFUEL)
6 6 52.200.65.147 14618 (AMAZON-AES)
2 2 2001:678:cb4:... 56396 (AMOBEE)
4 4 13.32.27.28 16509 (AMAZON-02)
3 5 35.244.174.68 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
6 6 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 72.251.241.204 32475 (SINGLEHOP...)
5 5 64.74.236.223 19024 (INTERNAP-...)
2 2 185.86.138.146 201081 (SMARTADSE...)
14 52.210.15.1 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
3 3 52.72.41.189 14618 (AMAZON-AES)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
3 5 185.86.138.152 201081 (SMARTADSE...)
7 9 63.34.193.74 16509 (AMAZON-02)
2 2 35.214.188.68 15169 (GOOGLE)
1 1 124.146.153.169 2514 (INFOSPHER...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
6 10 185.64.190.79 62713 (AS-PUBMATIC)
1 34.102.253.54 396982 (GOOGLE-CL...)
1 178.250.1.9 44788 (ASN-CRITE...)
2 9 198.47.127.205 3257 (GTT-BACKB...)
6 11 185.64.191.210 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 141.95.32.72 16276 (OVH)
2 2 213.155.156.167 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
3 4 34.255.67.121 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 198.47.127.20 62713 (AS-PUBMATIC)
2 2 98.98.134.243 21859 (ZEN-ECN)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 2 52.51.180.59 16509 (AMAZON-02)
1 1 2607:ae80:4::25 26558 (FREEWHEEL)
1 52.210.50.120 16509 (AMAZON-02)
1 1 37.157.3.20 198622 (ADFORM)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 151.101.2.49 54113 (FASTLY)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 18.197.198.113 16509 (AMAZON-02)
1 1 141.94.242.206 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 141.94.171.213 16276 (OVH)
583 131
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
42    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
6    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
40    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
13    2400:52e0:1e00::1078:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2600:1f18:24e6:b902:3b73:e7ee:7fde:90af (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
7    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
187a39e975b517f47d5b01a9f3d97e5e.safeframe.googlesyndication.com
7    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
3    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    3.126.136.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
24    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
5    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
18    54.77.250.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    18.157.98.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-98-129.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    52.19.228.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
3    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
15    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    139.144.5.218 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-144-5-218.ip.linodeusercontent.com
socket.unibots.in
1    2600:9000:223c:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    222.230.178.130 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
js.genieessp.com
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
12    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    65.9.66.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-83.fra56.r.cloudfront.net
cdn.socket.io
17    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
4    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
14    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
16    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pubads.g.doubleclick.net
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
43    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
2    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    2a05:d018:d29:3601:29b0:22b3:ca65:1176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    52.210.96.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-96-209.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    54.156.137.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-137-107.compute-1.amazonaws.com
sync.ipredictive.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
3    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    3.126.228.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-228-123.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
2    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
2    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal9000.redintelligence.net
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    222.230.178.132 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
ialaddin.genieesspv.jp
2    2a02:26f0:480:25::1726:620a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
5    176.9.26.250 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
5    138.201.135.164 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal900015.redintelligence.net
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    3.69.152.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-152-80.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
1    154.59.122.79 (Secaucus, United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
3    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
c21lg-d.media.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
9    18.157.99.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de
cdn.contentspread.net
1    2400:52e0:1e00::1054:1 (Germany)

ASN200325 (BUNNYCDN, SI)
unibots.b-cdn.net
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
15    2400:52e0:1e00::1075:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
8    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    54.65.50.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-50-241.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
4    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
17    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
genieeintl-d.openx.net
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
6    133.186.12.14 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p014.net133186012.broadline.ne.jp
cs.gssprt.jp
1    222.230.178.29 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
rt.gsspat.jp
1    139.162.38.30 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1451-30.members.linode.com
g.c.appier.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
5    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
pn.ybp.yahoo.com
s.yimg.com
cdn.js7k.com
1    34.102.196.122 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.196.102.34.bc.googleusercontent.com
ox-delivery-prod-europe-west4.openx.net
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net
public.servenobid.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    54.220.165.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
10    2600:9000:223f:7200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    54.83.246.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-246-219.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
3    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    52.200.65.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-65-147.compute-1.amazonaws.com
i.liadm.com
2    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
4    13.32.27.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net
live.rezync.com
5    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
6    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
openx2-match.dotomi.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
5    64.74.236.223 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    185.86.138.146 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
14    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
3    52.72.41.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-41-189.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
5    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
9    63.34.193.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-193-74.eu-west-1.compute.amazonaws.com
a.audrte.com
2    35.214.188.68 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 68.188.214.35.bc.googleusercontent.com
csync.loopme.me
1    124.146.153.169 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
10    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
9    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
11    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    141.95.32.72 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl
ws.rqtrk.eu
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
4    34.255.67.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    52.51.180.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-180-59.eu-west-1.compute.amazonaws.com
ice.360yield.com
1    2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    52.210.50.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-50-120.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2607:f8b0:4001:c10::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    18.197.198.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-198-113.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    141.94.242.206 (France)

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
71 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
15.taboola.com — Cisco Umbrella Rank: 6402
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
vidstat.taboola.com — Cisco Umbrella Rank: 3029
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
sync.taboola.com — Cisco Umbrella Rank: 1322
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
am-wf.taboola.com
1 MB
70 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
464 KB
54 googlesyndication.com
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
187a39e975b517f47d5b01a9f3d97e5e.safeframe.googlesyndication.com
483 KB
43 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 823
ads.pubmatic.com — Cisco Umbrella Rank: 534
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
50 KB
39 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
87 KB
28 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 26964
stream.unibotscdn.com — Cisco Umbrella Rank: 34934
5 MB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
23 KB
23 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
genieeintl-d.openx.net — Cisco Umbrella Rank: 305998
ox-delivery-prod-europe-west4.openx.net — Cisco Umbrella Rank: 169571
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
24 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
10 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
15 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pn.ybp.yahoo.com — Cisco Umbrella Rank: 1473
10 KB
15 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
19 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
26 KB
12 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal900014.redintelligence.net — Cisco Umbrella Rank: 286354
hal900015.redintelligence.net — Cisco Umbrella Rank: 245129
21 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
12 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
303 KB
10 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
5 KB
10 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
199 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
8 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
3 KB
9 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
6 KB
9 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
sync.smartadserver.com — Cisco Umbrella Rank: 1330
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
4 KB
9 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
5 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
dis.criteo.com — Cisco Umbrella Rank: 597
21 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
12 KB
6 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
openx2-match.dotomi.com — Cisco Umbrella Rank: 4926
2 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
4 KB
6 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 17944
2 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
947 B
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
5 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
5 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
5 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
ajax.googleapis.com — Cisco Umbrella Rank: 364
402 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
563 B
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
cs.media.net — Cisco Umbrella Rank: 1513
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
c21lg-d.media.net — Cisco Umbrella Rank: 2513
12 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com — Cisco Umbrella Rank: 1384
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
252 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
339 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
361 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
3 yimg.com
s.yimg.com — Cisco Umbrella Rank: 648
70 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
2 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
12 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
sync.teads.tv — Cisco Umbrella Rank: 1403
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4780
1 KB
2 gstatic.com
csi.gstatic.com
279 B
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2116
668 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
460 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
565 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
1 KB
2 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526
36 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 54581
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
921 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
522 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
919 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
914 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
505 B
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
172 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
512 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709 Failed
144 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
352 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
260 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
826 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
582 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
424 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 1846
14 KB
1 appier.net
g.c.appier.net — Cisco Umbrella Rank: 80997
390 B
1 gsspat.jp
rt.gsspat.jp — Cisco Umbrella Rank: 59650
268 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 4555
134 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7108
44 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 37738
1 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
684 B
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5091
145 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6032
276 B
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 40153
13 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
643 B
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 60152
4 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
30 KB
1 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
17 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 shb-sync.com Failed
us.shb-sync.com Failed
583 123
Domain Requested by
43 cm.g.doubleclick.net 17 redirects www.bg3.co
googleads.g.doubleclick.net
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
adpushup-d.openx.net
g2.gumgum.com
ssbsync.smartadserver.com
33 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
imasdk.googleapis.com
www.googletagservices.com
18 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
17 il-trc-events.taboola.com www.bg3.co
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
pagead2.googlesyndication.com
15 stream.unibotscdn.com vjs.zencdn.net
15 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 pixel.rubiconproject.com 11 redirects www.bg3.co
14 images.taboola.com www.bg3.co
13 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
12 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
ads.pubmatic.com
12 match.adsrvr.org www.bg3.co
imprammp.taboola.com
am-match.taboola.com
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
11 simage2.pubmatic.com 6 redirects ads.pubmatic.com
10 pubads.g.doubleclick.net imasdk.googleapis.com
10 image8.pubmatic.com 6 redirects ads.pubmatic.com
10 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
imprammp.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
9 image2.pubmatic.com 2 redirects ads.pubmatic.com
9 a.audrte.com 7 redirects ssbsync.smartadserver.com
ads.pubmatic.com
9 us-u.openx.net 1 redirects adpushup-d.openx.net
eu-u.openx.net
9 x.bidswitch.net 8 redirects am-match.taboola.com
9 static.criteo.net ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
9 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
eu-u.openx.net
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
9 ib.adnxs.com 5 redirects cdn.adpushup.com
www.bg3.co
acdn.adnxs.com
9 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.adpushup.com
cdn.aralego.net
7 match.prod.bidr.io 5 redirects www.bg3.co
eu-u.openx.net
7 e3.adpushup.com www.bg3.co
6 i.liadm.com 6 redirects
6 cs.gssprt.jp 4 redirects www.bg3.co
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 googleads.g.doubleclick.net 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
5 b1sync.zemanta.com 5 redirects
5 idsync.rlcdn.com 3 redirects ssum-sec.casalemedia.com
5 p.rfihub.com 5 redirects
5 sync.1rx.io 5 redirects
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 cms.quantserve.com 4 redirects googleads.g.doubleclick.net
5 ups.analytics.yahoo.com 4 redirects am-match.taboola.com
5 hal900015.redintelligence.net 1 redirects 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
hal900015.redintelligence.net
5 hal900014.redintelligence.net 1 redirects 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
hal900014.redintelligence.net
5 ialaddin.genieesspv.jp www.bg3.co
5 s.amazon-adsystem.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 www.google.com 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 rtb.openx.net 1 redirects cdn.adpushup.com
eu-u.openx.net
5 prebid.a-mo.net 2 redirects cdn.adpushup.com
www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 creativecdn.com 4 redirects
4 live.rezync.com 4 redirects
4 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
csync.smilewanted.com
ads.pubmatic.com
4 eb2.3lift.com 3 redirects cdn.adpushup.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 www.googletagservices.com www.bg3.co
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 trc.taboola.com cdn.taboola.com
www.bg3.co
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 sync.srv.stackadapt.com 3 redirects
3 secure.adnxs.com 3 redirects
3 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
3 s.yimg.com pn.ybp.yahoo.com
s.yimg.com
3 genieeintl-d.openx.net 1 redirects www.bg3.co
3 t.adx.opera.com 3 redirects
3 sync.go.sonobi.com 3 redirects
3 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
3 match.sharethrough.com www.bg3.co
public.servenobid.com
cs-server-s2s.yellowblue.io
3 ce.lijit.com 2 redirects www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 js.genieessp.com www.bg3.co
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 htlb.casalemedia.com cdn.adpushup.com
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 am-wf.taboola.com vidstat.taboola.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 ice.360yield.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 u.openx.net 2 redirects
2 csync.loopme.me 2 redirects
2 dmp.adform.net 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 casale-match.dotomi.com 2 redirects
2 d.turn.com 2 redirects
2 ad.turn.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 eu-u.openx.net adpushup-d.openx.net
genieeintl-d.openx.net
2 sync.teads.tv 1 redirects 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
2 sync.targeting.unrulymedia.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 cdn.contentspread.net hal900014.redintelligence.net
hal900015.redintelligence.net
2 pm.w55c.net 2 redirects
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 hal9000.redintelligence.net 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
2 ad.doubleclick.net 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
2 capi.connatix.com 1 redirects www.bg3.co
2 pixel.tapad.com 1 redirects www.bg3.co
2 sync.ipredictive.com 2 redirects
2 px.ads.linkedin.com 1 redirects www.bg3.co
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
cdn.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 tr.blismedia.com eu-u.openx.net
1 cm.adform.net 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 ads.stickyadstv.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync-tm.everesttech.net ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 visitor.omnitagjs.com 1 redirects
1 ads.playground.xyz cs-rtb.minutemedia-prebid.com
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 dsp.nrich.ai 1 redirects
1 c21lg-d.media.net contextual.media.net
1 static.smilewanted.com csync.smilewanted.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 hbx.media.net 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 contextual.media.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 cdn.js7k.com pn.ybp.yahoo.com
1 ox-delivery-prod-europe-west4.openx.net genieeintl-d.openx.net
1 pn.ybp.yahoo.com genieeintl-d.openx.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 g.c.appier.net 1 redirects
1 rt.gsspat.jp 1 redirects
1 cs.chocolateplatform.com 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
1 cc.adingo.jp 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
1 s.tribalfusion.com 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
1 s0.2mdn.net imasdk.googleapis.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 ajax.googleapis.com hal900014.redintelligence.net
1 audiencedata.im-apps.net dmp.im-apps.net
1 vidstatb.taboola.com www.bg3.co
1 csm.eu.criteo.net ads.eu.criteo.com
1 cs.media.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 imprammp.taboola.com vidstat.taboola.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 187a39e975b517f47d5b01a9f3d97e5e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pro.ip-api.com cdn.unibotscdn.com
1 15.taboola.com cdn.taboola.com
1 cdn.socket.io cdn.unibotscdn.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 socket.unibots.in cdn.unibotscdn.com
1 bidder.criteo.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 code.jquery.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 delivery.adrecover.com www.bg3.co
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 us.shb-sync.com Failed public.servenobid.com
0 static.bg3.co Failed www.bg3.co
583 214
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
socket.unibots.in
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-11-26		 a year crt.sh
cdn.socket.io
Amazon RSA 2048 M03		 2023-10-22 -
2024-11-17		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
stream.unibotscdn.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh
*.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-11-06 -
2023-12-27		 2 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 104 frames:

Primary Page: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Frame ID: 769BBF1044AF0A561903502FA116DBD4
Requests: 205 HTTP requests in this frame

Frame: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2031AA1CBF995562E8E76ED88A172C91
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 2B01065977EFCB85C64A6CD9B699D470
Requests: 2 HTTP requests in this frame

Frame: https://js.genieessp.com/t/551/001/a1551001.js
Frame ID: FF084B98674FEEBF6ED53D67AD8C9410
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 54107D654090D1065E1032890C5A40CA
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 93FE02B1FB7556E4E2D8968971085AAD
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 4CFB94247F17BA621269E8893AD35FBB
Requests: 20 HTTP requests in this frame

Frame: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97B9E0B9D69A33A977C2E21A86A50848
Requests: 18 HTTP requests in this frame

Frame: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 282355026976BCBF52F552F0B99A1ABC
Requests: 18 HTTP requests in this frame

Frame: https://187a39e975b517f47d5b01a9f3d97e5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F6F029608DF368F005F56B67F0E82DED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWdRIN8_YCcTPUguVnsOF5Ms-CY7uFme2IMbgdOE1NbBqg7SMh-gT6oahF5hs75o-Uh3G10A5Xjo3oRT7mfnJ29zqtgXA
Frame ID: 87B3D26D74B263726AA68D619818731C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNXeJmIXnna2K8hBmcRCNwu4Ojf-iq4VtSIdoi9Rj91XucKg3i75Kt9UznpjRn87wa5vi5tL32B7wx64nSTRy6luZ-GzzQ
Frame ID: 454C56425EF8FF541578C77016A0A785
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Frame ID: 0542FF6F6FAA28FFB3330DDCFE31A336
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10A3BEB2EB7ED31E95759B4C768EA2B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 989A9BF7E65161146AB4AE43BB50EC33
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&cmcv=&pix=undefined&cb=1700045843012&uv=3358&tms=1700045843012&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=949bce37-45f6-4e43-b484-7201d2f4c7e1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C42C037A1906DD1C220B590784DCFF8A
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 1E00C8CBE0E181BCB6EAC0C423F80119
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5141BD9DA530A96263EDDDE0ABC158A1
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: A3AF0EEFAC399805500DDDB9FCA53AE6
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6DE0C4A64414FB5F1D72D9BE10E2AFF2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 080DCD1BD11EA6F72F468D8CFFE86CE4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 4D622FDCBC15DE9AEE2CAFF036DF6B3A
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 50EFC09687ECFDAFCE1307DE35A78625
Requests: 4 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
Frame ID: 409C6559FA765C92FC7D24E7B058485E
Requests: 6 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=60543900066076204438446012509015&a=71e68eb5
Frame ID: D911DF86F7187BFEC46695AC16E26944
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8B485B222A29CD6819FD46B64F40A41
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFF986E14BEB1FDCA65BFF9EE4691786
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Frame ID: D5879B29F3D66BBC60D5AAB63989923B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F3B67CC222951E3AAC31833756EC722B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBED82DCDE24E6B9D645B81E20AC8955
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7532D3ACD2D1C125BBADE8ECE916CDC2
Requests: 2 HTTP requests in this frame

Frame: https://pn.ybp.yahoo.com/ab/secure/true/imp/uatQZuSlietNNAOXohpJhWXhwrDQLl5_I71pc3SNuuZ5cGmqHKsruG-HrV8u8TOmBP2Le3gCU7DqNN8vBNH8PmfGnKrP6e9lUeA0yF92e7k8JD8H1_DiZzdp9P2UldJGoEM7FkP4wwzxsaONIdw7wg-sqi9lyccIWw-OVsBQfFJNlvLFS_PoJFHDYEcYs6HFppJB9tBs1zpTKjBrba8zhxXaY2uZGgTr5ndW2byWZ0QrliyEx5PVoBQmF1aRRmlQj-eKTSEH0h0MRxGpcJh2Fp9FmwXqPDtUIDdtjksVr1O1vLL9KGHqmld9O0DO4lZhzbqD1huscqo_JPiFDy1go1k6K2aAlG0Kt9RKwApimceQJauXWjbMX0s3XaY_lWVqwgq4erspQuEdl42no0V0LiNuZTTGuFLTRjHRg-TCaOBg0BpUR-MFAKgaxOcESnKxv9xHxYUCCuOcmRYuMnNb6XIIOnmbHndD9fl_03gz3MA5YKshCZBKfKRWadPyzJJ-itBG5qOfoKMJH_QtNljFgb47CIKNyvIvEwtB58t-Pxnsv9un_OlaDG-j7ZJTA3QiumxrIGytkNNuGg1wxVfo5jXiJ8lcAnKzB6Hx_1BQq1W9Oo6omyGoe8xrtqHu5EdPCFRVN0IrfSKqolGzjNxYwmaGUThohg4Fu8tu5_yoqLa68rlFc8vWNwdgdcRdCqOPePgFuR0xDhzwSh659L7xzamziyc7-SvHCzcCRj4OISpb_ObrTo7lbox0ndBfcuFkr_efcUSFbO8P1snumC_cWzdojcJ3JWTyAMkFwTgYWtxSVRoutBrJyGsAFqiIzdOZm1KN11AsiNCVP8iuHp8ibU21uIhlJuB2R7PfPo7-4ongEW3mI_9sBBeSN0Sy0RmXb5S6El8EKe9zGcSwU9vYoOi1sezbXep0BEli9VUTa_y-vPzUeAPlC65rxxOhim7Ib782yJ5dGPoPidIwfZiDVJ_7yN30aQ8Rd3-ugy39naNhs9fX1ubJKxD0943alEuOY4H0andNpxfuVMblHN5LywW4HBGIR0TXzKzUEzktxZddTL4v0xY5uG6HcZP1hoYCG7ur6BVSj7wR33o7rGLAnyiTBvD1bbuFsgvFFJqvCDUkLpkdCL9ivacFJrZDjeyX9v4S6lHygRIUR7ahni6Pgbv8oTGS-0Qzu7LJ5BTAh0mX_WFqWgvcNnYRF7JOrvhG3ws7OSU7GjUspIxT39ygdfGfUMnDVHHXQPx7csLI8bmk5Juet9CVGP5hcmML3GLeGOm2L4C2PkX-QA6OU-noGUusQ_opDGZ39_QB4V4oOOI-4vbObyr6dkyXrId8C6pbk5oGfyb1DejnwFCNFVs9DceBsTQ6704wT6UxAk_Yo7nw1KkDkxYNAuiqIw7ZPtPrjDBaJjWsObEm4R5OpDB5gXLXsrV-0t37vwRswHteyDQwWknDRxJ0ykmwFvLeQjYeWhvQiffnvjUL9ugRPMPDtqBQR9II1g6zVg8RLUoH98GH9RH7a5rFMrW_zYQZKxoUjUaU0QBPG4d_OYZewhYY3uGw4__X7iB8t8sK0XMa2BE/wp/AAABi9Kg8EVhxUWjyAZ7B5YneNnTIdkxGxo7WQ
Frame ID: CDD4E3E16185B0B7BEEACF83F929BAD3
Requests: 4 HTTP requests in this frame

Frame: https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
Frame ID: D3F385D1A27C928916AB2317D188F3D9
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C2323060A9F10508D29EE6BC65297B0A
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 268E6458DCC9B28904CE1D417B6AD8F2
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700045841776
Frame ID: 3E8BDB40A1FE6BADA6AD0F8BE025D0DB
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BF8ADAC1BA35D77DF293F028B3D49100
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: AD87DAF25BCE12FB81CF96AE078BB79A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F72A6F99C952EF5EB472E1C8BC630FE1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 90C352B341EE1722D74619DD84CEB28C
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 47237435BC2F34E688EEC882823B67A8
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3436947B624782CF1A997BAC1FDDA9E8
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: D67F056100B836EE1997F5AFA7A8E8B0
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 134E0FAD108D6DFD3B949661B77160CA
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 811C88963F078223EAB39ED4E71E6BD2
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9F548733D6EFAD48D99A1BCFA6FCDF83
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 84D719F865224CBFABB7F23D7198E4D6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 8DF982FAD7AFDA09DB29513000CAA5AB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: CC00DC9C857377725EE3581AB113BEDC
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 375C3FBC2EDA9DEBCEAA81503EF0B238
Requests: 23 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 126310A42730E211C48A950EFEB2750D
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 83031573E72A240ECC61EE87E07B23DE
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 2E7449482A6DD35CE5E591C0AE7D6550
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 3C9820EFC6FB1761C472319B0DD0355C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/7168262712027533764
Frame ID: 22B6C8BBF30F07098E8453FDA4B0A7A5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/48507131891807019
Frame ID: 7AF6B38F93C4AA49357D6BCAF5145E92
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=1861992871520555189&gdpr=0&gdpr_consent=
Frame ID: A1A8FCA6C5EEE492E55E8AD908F725A4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YTlmMGE2MS0yYzBhLTQwNDItODcwMi04ZjQyNTUwZTMwM2M=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: BAD5AF9EF973304D6C8D051786C53DB7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 03207CF2146E60EA56566F186CF919C3
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LOZNEET6-1Q-1N34?gdpr=0
Frame ID: 3E08D0B513931EDD75A37E353B847CCC
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: A263CFE3E0F0E4BA0F03F8149A7AFD6F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVSkFcCo8X8AAE54v1IAAAAA
Frame ID: B218C490F5E1310FEEBA60EFDD46FCE2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=gumgum&tc=1
Frame ID: DDF6150387A0875569D295305C0E15DC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DABAEFCD1E9369004E66149076F9F9C3
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 0BE85EE2B088359589264C28752EDFCD
Requests: 2 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 8EA796670A421A78E0B27BB674EEE907
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 70CE91D168660648E06C068EFBFC4E1C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=92F189C5-44AD-4066-9CB9-7B0CB284505B&redir=true&gdpr=0&gdpr_consent=
Frame ID: BBBAF11E18EE185752221A42FC777B5D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8
Frame ID: F4B820E1FCA8F7DCF27B25D34D5A4B33
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=48507131891807019&gdpr=0&gdpr_consent=
Frame ID: 01A60E481EAF168C23240C7E84A2918C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7301641305985841294&gdpr=0&gdpr_consent=
Frame ID: 6CC48ECD63E32FC2A2544738F79E8056
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: EC5B130C51B373B197A95817A418C637
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Frame ID: CE326FD8656997FD3693DBBAFCB89247
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb9af4910f73d4adfafb68f6edaadfe92
Frame ID: C97B6389331270C71559100B4EBC3532
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 1AD51CA89667A399989DCB9E755C8ED7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 92B0994F25C7B941CD1C22372801A7EB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVSkFQAD9Hez5AAU
Frame ID: DCB43E26BF1A3FE969E88A91F39CF5C6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 33CE4ADA5BBA42CA50DA7160AD937C12
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 92806D54B4417137F4BE131091FD74B5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4007090260949525310
Frame ID: 526E09AA517DF68CFFC401002BD11C7D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336726325955581
Frame ID: 13C464FFD287481BF70CBF973A0C5D46
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: ABC804E74A9CDCA46985B043915759C8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: E4548CD9F8CE23B33DB4331856FC022E
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: C8D06CB7F29C00903A4A4EA3B2405696
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B
Frame ID: 3D202AC3ADBE737589ACC61748BFAB4A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/3f076d65-d70a-41f5-9e80-a0b0a0451eb4&partner_id=1010
Frame ID: 0191B2EA385CE687C81222BAC501B1AC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/61cbcb5d-144b-0e7d-15eb-fd066ddffbc3
Frame ID: B8439EB12281A712DBF50DEE0960802C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: A5F61DC830FAAE1ED78B67CDBD9A1921
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/1861992871520555189
Frame ID: D2B56EA13B2BE4D7F682A67546696093
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: F749BA81B96E62B05839C5B55CF83721
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q?pi=smilewanted
Frame ID: 8ADBD4665FD9FD0E66D1B2580987CA51
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Frame ID: BEA90DADEE6F8913FA3440281E12BC4D
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=
Frame ID: 68F0DDE1559FEF63E5FE74DA3C8EAB51
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B1AAC17CCBFF8D6240F9207084DA979F
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 72A0CE24F6671B44097AB10EFD763D02
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYaQaRajXbhVhjnXX&gdpr=0&gdpr_consent=
Frame ID: CF4B113941D13DE0B9CBA551F793FD2B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C9CAC3FFCF24D7CD27677A905F642152
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EC90A40E437D411EBE6188384A13407E&gdpr=0&gdpr_consent=
Frame ID: C40F3B83598846CA9BF5A4F3DC1C3DB2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2373514368
Frame ID: B60358E1D7C012F82F31D6AE6C29AC60
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B
Frame ID: FD91FEF5514B56C9893DF8703502877E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=92F189C5-44AD-4066-9CB9-7B0CB284505B
Frame ID: 3436FD2BB570F561C65BD4EAB9C62288
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/92F189C5-44AD-4066-9CB9-7B0CB284505B
Frame ID: DBD936B85D7A9CB575613B87E41C3CA6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=92F189C5-44AD-4066-9CB9-7B0CB284505B
Frame ID: C2E2405CEFDD8E75378ED48BE7EE8504
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/92F189C5-44AD-4066-9CB9-7B0CB284505B
Frame ID: 1EEF757757B8DA7A6C37956A26DAEF84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

認識的女人都叫來!勝利性招待日商還仔細叮囑「百倍奉還」 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

583
Requests

74 %
HTTPS

26 %
IPv6

123
Domains

214
Subdomains

131
IPs

15
Countries

9509 kB
Transfer

18994 kB
Size

188
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 95
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 96
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 153
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOZNEET6-1Q-1N34 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOZNEET6-1Q-1N34
Request Chain 184
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9aTkVFVDYtMVEtMU4zNA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI2yLd2IgCA3TLesSeHDc7Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9aTkVFVDYtMVEtMU4zNA==&google_push=
Request Chain 185
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOZNEET6-1Q-1N34
Request Chain 186
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DBR6jNXFRV-ljA-RJOcqLQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DBR6jNXFRV-ljA-RJOcqLQ
Request Chain 187
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTM2NmY1NzU5NWRhMjRlZjg5NTc1MjViMzZhNGU2MzdiMWQzMDA3NQ
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGG2VkwQzlIYY4qvi6WiBeM&google_cver=1
Request Chain 189
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5zFKTs8YrRKp9jwAmOwPpcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MsGZJWRE2oKsEm7AzcHXpiUfVvHRFgvu6MhurQ--~A
Request Chain 190
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q00mZKrvT-usnDcgkJR8QQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q00mZKrvT-usnDcgkJR8QQ
Request Chain 192
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=234bade2-ecb2-40f0-b4cd-4730af60b55e&expires=30
Request Chain 193
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOZNEET6-1Q-1N34
Request Chain 194
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOZNEET6-1Q-1N34 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOZNEET6-1Q-1N34
Request Chain 195
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOZNEET6-1Q-1N34&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOZNEET6-1Q-1N34&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 196
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOZNEET6-1Q-1N34
Request Chain 197
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOZNEET6-1Q-1N34
Request Chain 198
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOZNEET6-1Q-1N34
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
Request Chain 205
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVSkEpli6XnXUscCwiPr6QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
Request Chain 208
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVSkEpli6XnXUscCwiPr6QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
Request Chain 236
  • https://pr-bh.ybp.yahoo.com/sync/taboola/8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
Request Chain 243
  • https://hal900014.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=02cee3f017&subid=&uid=5424b321f657032e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0bBtEqRUZaWzBYG93gP5oJjgCpHB0Jtpm-iDktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBJECT9BwMDMXWjhkIOXM6lLPnCP6xFyttiENe6LBepvr2je7ntQNNJaRhlB_eFhPlwywsW0Gu2aG6_uGTkmb_nAnjFbZiGBuUdGvJyQYufkvfFdOk851FEybQz1OCIQh3Xl9nwaxCGO2QsIQMDlT-lnUpYI6Y9ShtH1My5ldbn5FB08zxTtuiUUp2Ce_StY0O9ndMrfS8RgYBWviUzxam6ab2TIAIsLlQjfe5Kt7GBn8llPPgHU_BYtLnrOks-5nKJex2Qc4qwwtP-Kjk3Rs3QDF942rXlwfrnQPQUJq0JHKMQDscoBiWuySQBiAtOhn7OPGjjUtRBN0NQnQW1VPJPKcc9qRwgA6ux97gRFVIbUVOI3RwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljVi5Ck7MWCA_IIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjP45Ck7MWCAxWBnncKHXkQBqywE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1DE-3ikdJW6j3AWJOF5NlJhKz2Nw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Cw9NG84Q7cfRcMjst2P8cksUpZ17HIZ1S1-miM9natDryfrFuxDfD2Nok8l3CMy4VwdzgLDx3rZekl7jlvVVQaYXsed7EQtC9TIR4FtHdxloiLQelavmOpI9dcOJ4PW9Yt1GVZUKwEC3z6Iv-CRIeRB1kKAGQ_SEXNKShPQg_OfT6KLeY%26cry%3D1%26dbm_d%3DAKAmf-C7incX2-8Mwh4YCPAHlHDAFnoh0iQm1AsAm4MGVZ7mmwYayiBW4kzZDQNE5yiCrwV77oBtUTXQFEHyhZfazp7OU_DQ7tEcboipLxB8sNgy8rB9aOL66ncPpf37SdrIs0Yc-7E1mjH8VyBfwKvSHTflgORWZRJG6Lju8ycS5EbGAmMXiNnXeDtPYMxcV5B0ksOIi3Mm8X7uFf8YZNZKPB9EnkV5rTmU9p6nnyiGmdZiZOptdjttvnIWyV6LmOV5EoB4t9LEYVwNb-C3twNu2WNLevBRpZ1v6nyy9hnhWGy4zptWUk0MMVX8vEJnmqSeWtFi5hIVL2_bmHe8hId8-UUatX-nIfUX4J86hq34br8U26wkR2ZhJOHWrsf2sBWS0pTPE8DootCvZ8ETNycSrGOtXWtiU7VUrYNjYsD0Dn3ivlEaiw-aG6Suy6lJaCSL0FS5He3nZDn-xhYZSUQx_YsAZk_FYlo4yDW5pljBR2VkBBDtFTkPg2j3C-Z5aEmsczxw3_tj0ct-3fum9fPrI8GZwo5z3oeV0dJIVk8mFwEglxzyYSpP_QOJg-h7ln2e3iUQAsmaDkq3RuVmPQtJKo4w_vEIy-rV1zwb-uAOex-mm0nhbaNDr4hw8DXJiDny3tTnHPzx6B6A5p9nKFtP-O1HhI_M_9nJQbwEoCqjXoioLUlq5r4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3655877796507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=02cee3f017&subid=&uid=5424b321f657032e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0bBtEqRUZaWzBYG93gP5oJjgCpHB0Jtpm-iDktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBJECT9BwMDMXWjhkIOXM6lLPnCP6xFyttiENe6LBepvr2je7ntQNNJaRhlB_eFhPlwywsW0Gu2aG6_uGTkmb_nAnjFbZiGBuUdGvJyQYufkvfFdOk851FEybQz1OCIQh3Xl9nwaxCGO2QsIQMDlT-lnUpYI6Y9ShtH1My5ldbn5FB08zxTtuiUUp2Ce_StY0O9ndMrfS8RgYBWviUzxam6ab2TIAIsLlQjfe5Kt7GBn8llPPgHU_BYtLnrOks-5nKJex2Qc4qwwtP-Kjk3Rs3QDF942rXlwfrnQPQUJq0JHKMQDscoBiWuySQBiAtOhn7OPGjjUtRBN0NQnQW1VPJPKcc9qRwgA6ux97gRFVIbUVOI3RwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljVi5Ck7MWCA_IIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjP45Ck7MWCAxWBnncKHXkQBqywE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1DE-3ikdJW6j3AWJOF5NlJhKz2Nw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Cw9NG84Q7cfRcMjst2P8cksUpZ17HIZ1S1-miM9natDryfrFuxDfD2Nok8l3CMy4VwdzgLDx3rZekl7jlvVVQaYXsed7EQtC9TIR4FtHdxloiLQelavmOpI9dcOJ4PW9Yt1GVZUKwEC3z6Iv-CRIeRB1kKAGQ_SEXNKShPQg_OfT6KLeY%26cry%3D1%26dbm_d%3DAKAmf-C7incX2-8Mwh4YCPAHlHDAFnoh0iQm1AsAm4MGVZ7mmwYayiBW4kzZDQNE5yiCrwV77oBtUTXQFEHyhZfazp7OU_DQ7tEcboipLxB8sNgy8rB9aOL66ncPpf37SdrIs0Yc-7E1mjH8VyBfwKvSHTflgORWZRJG6Lju8ycS5EbGAmMXiNnXeDtPYMxcV5B0ksOIi3Mm8X7uFf8YZNZKPB9EnkV5rTmU9p6nnyiGmdZiZOptdjttvnIWyV6LmOV5EoB4t9LEYVwNb-C3twNu2WNLevBRpZ1v6nyy9hnhWGy4zptWUk0MMVX8vEJnmqSeWtFi5hIVL2_bmHe8hId8-UUatX-nIfUX4J86hq34br8U26wkR2ZhJOHWrsf2sBWS0pTPE8DootCvZ8ETNycSrGOtXWtiU7VUrYNjYsD0Dn3ivlEaiw-aG6Suy6lJaCSL0FS5He3nZDn-xhYZSUQx_YsAZk_FYlo4yDW5pljBR2VkBBDtFTkPg2j3C-Z5aEmsczxw3_tj0ct-3fum9fPrI8GZwo5z3oeV0dJIVk8mFwEglxzyYSpP_QOJg-h7ln2e3iUQAsmaDkq3RuVmPQtJKo4w_vEIy-rV1zwb-uAOex-mm0nhbaNDr4hw8DXJiDny3tTnHPzx6B6A5p9nKFtP-O1HhI_M_9nJQbwEoCqjXoioLUlq5r4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3655877796507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 244
  • https://hal900015.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=cdaaa04a11&subid=&uid=efe588953b2c6546&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCssDkEqRUZaSzBYG93gP5oJjgCpHB0Jtp2--DktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBI8CT9Dux5yic-npf32XiWdJ8v8-l2tOBulQHs6dHhbUa8YtdyDMl7jqO2bRPvUcTLYNko7vq_l4gSnU-9YJooPy91cKs-KSn9KGbxnVq-Of2RcS9RbYsN56afF7NX2S9lVj_EoZ4QadqPtOhsl806qqm3W9-f0dSqSaQ8VzlHSrRJ3nUVBGGjVUmxKGPYFC6AMuHX0MLHkhtRwCpoGe1ytvRk4N8glnZmQEgTw7GracQiG_cWMoJv4YagMhsOQ1CzXxbugeFcqcRdrhaNgBvg9QxMXoy7xrGL9tZw1SJFXlKLBrg6Ar5TpQo_hI_X5k9K41inN1mRMuSVAEL0cXgTRUZ7CN3jlAx0s78fqy69aGI8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY1YuQpOzFggPyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMIzuOQpOzFggMVgZ53Ch15EAassBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1bER_5h3QZZ9WK2a0j-sCC4XsgVw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcEf0pKY2UCYLGprPaPjhZ1d4vf4Dnc1B5BYRF2mqM7PkaBVGN_w5e5IpANd99vr0tHZH4xBerFPiMxb5qmRYifiQhDV72bpIOBJ3Y0HrBh1Lxrg1WPI74IQ7nJeszHfMUEg7iXoDO4wZhdBtHYQGsin5WL7LAoE1wP9ngHWQs0dAgDIs%26cry%3D1%26dbm_d%3DAKAmf-DNJrAnBB3wRNIlh65EZsZJ9StZrdgS4ffmYlkqzg_tUeFnVihuAP-LB6PAwiFcaVJI7qI5n0yEMHSdm6lSqZP5rrY2lP4my4kMkLB6Wx_ieKipWMdjWLCgTqCKOF75icYGg96A95hlG93PrCn6OPmD6UNACsEn4j6xzL0rMfaRNLtHtdpbXznnTgmhsCUphUV41ApBVrEiyukEKBrSmaVZvYjHM8wZY7JUAFHJ92LRypbthhGvpO6fY4NfLXrtQZHrWOUe2EdkegnkJqjcYYAzC4bXxstjm6FeNV8tbKNHzQKfbfLa0diGyQNQ1MvjwVEbmLM6NWEV8VVbnFjxUqEIAH-G9KFSewRNSRqxzfQzutPazzjfjozmK8AwIo9ksYKc6BgHvbzbLs7f7fQvoNazC54NrWcFVlEFPdP6na0ypHydfaAIoSn2so-NnzjWwTkJwLVEBdSaxj8vfYgeJpGKlhICFKfdbboP4BJZkwZfrQT7Kf2VwRVfCTkNeEQfHTojukFdO8P4vLRpxu-_uK2sqKJuMNRflwVkvX4gTTSVcznTPIyspIPH8x50EDzxzwYlROgqvuTV4k6PIam4Vf7_BekVzDne2R2MteCewwhN320sAink6P7uRvOcpAxBTcigyReDYbMZNJdOT7TqeidAe9bnyjZlqJyZRAoyYMfSvPFqZlQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3444455260752&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900015.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=cdaaa04a11&subid=&uid=efe588953b2c6546&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCssDkEqRUZaSzBYG93gP5oJjgCpHB0Jtp2--DktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBI8CT9Dux5yic-npf32XiWdJ8v8-l2tOBulQHs6dHhbUa8YtdyDMl7jqO2bRPvUcTLYNko7vq_l4gSnU-9YJooPy91cKs-KSn9KGbxnVq-Of2RcS9RbYsN56afF7NX2S9lVj_EoZ4QadqPtOhsl806qqm3W9-f0dSqSaQ8VzlHSrRJ3nUVBGGjVUmxKGPYFC6AMuHX0MLHkhtRwCpoGe1ytvRk4N8glnZmQEgTw7GracQiG_cWMoJv4YagMhsOQ1CzXxbugeFcqcRdrhaNgBvg9QxMXoy7xrGL9tZw1SJFXlKLBrg6Ar5TpQo_hI_X5k9K41inN1mRMuSVAEL0cXgTRUZ7CN3jlAx0s78fqy69aGI8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY1YuQpOzFggPyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMIzuOQpOzFggMVgZ53Ch15EAassBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1bER_5h3QZZ9WK2a0j-sCC4XsgVw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcEf0pKY2UCYLGprPaPjhZ1d4vf4Dnc1B5BYRF2mqM7PkaBVGN_w5e5IpANd99vr0tHZH4xBerFPiMxb5qmRYifiQhDV72bpIOBJ3Y0HrBh1Lxrg1WPI74IQ7nJeszHfMUEg7iXoDO4wZhdBtHYQGsin5WL7LAoE1wP9ngHWQs0dAgDIs%26cry%3D1%26dbm_d%3DAKAmf-DNJrAnBB3wRNIlh65EZsZJ9StZrdgS4ffmYlkqzg_tUeFnVihuAP-LB6PAwiFcaVJI7qI5n0yEMHSdm6lSqZP5rrY2lP4my4kMkLB6Wx_ieKipWMdjWLCgTqCKOF75icYGg96A95hlG93PrCn6OPmD6UNACsEn4j6xzL0rMfaRNLtHtdpbXznnTgmhsCUphUV41ApBVrEiyukEKBrSmaVZvYjHM8wZY7JUAFHJ92LRypbthhGvpO6fY4NfLXrtQZHrWOUe2EdkegnkJqjcYYAzC4bXxstjm6FeNV8tbKNHzQKfbfLa0diGyQNQ1MvjwVEbmLM6NWEV8VVbnFjxUqEIAH-G9KFSewRNSRqxzfQzutPazzjfjozmK8AwIo9ksYKc6BgHvbzbLs7f7fQvoNazC54NrWcFVlEFPdP6na0ypHydfaAIoSn2so-NnzjWwTkJwLVEBdSaxj8vfYgeJpGKlhICFKfdbboP4BJZkwZfrQT7Kf2VwRVfCTkNeEQfHTojukFdO8P4vLRpxu-_uK2sqKJuMNRflwVkvX4gTTSVcznTPIyspIPH8x50EDzxzwYlROgqvuTV4k6PIam4Vf7_BekVzDne2R2MteCewwhN320sAink6P7uRvOcpAxBTcigyReDYbMZNJdOT7TqeidAe9bnyjZlqJyZRAoyYMfSvPFqZlQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3444455260752&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 253
  • https://pr-bh.ybp.yahoo.com/sync/taboola/8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
Request Chain 265
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&google_cver=1&google_push=AXcoOmRG_y6Q_OyJzG7RAkwLfCVTc69VwWGGmnQKdZ7Zui2YXT5HlyIkSucsNPeVwqdZu8xm3yaN-eBmiT7MSnS0IJWI17op-T1T HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&google_cver=1&google_push=AXcoOmRG_y6Q_OyJzG7RAkwLfCVTc69VwWGGmnQKdZ7Zui2YXT5HlyIkSucsNPeVwqdZu8xm3yaN-eBmiT7MSnS0IJWI17op-T1T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXhWOWFCMDExUjNkQWY1&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&google_cver=1&google_push=AXcoOmRG_y6Q_OyJzG7RAkwLfCVTc69VwWGGmnQKdZ7Zui2YXT5HlyIkSucsNPeVwqdZu8xm3yaN-eBmiT7MSnS0IJWI17op-T1T
Request Chain 266
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAhYG6r5V8iCTR_RyZe2psM&google_cver=1&google_push=AXcoOmTFAkNcR4ilW710UfQEQrVW1FJyvwxa9srjSLyRtJfBJTQMDwHQAP6bxfVrTIGZ4zYjbATIJXA2xxJ9CYEgaAwN-9alQKzC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTFAkNcR4ilW710UfQEQrVW1FJyvwxa9srjSLyRtJfBJTQMDwHQAP6bxfVrTIGZ4zYjbATIJXA2xxJ9CYEgaAwN-9alQKzC&google_hm=_zqg4TKkSbySHBFtKOIiOwU
Request Chain 267
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBPUWlBBCJNDvS4y8lxuo_E&google_cver=1&google_push=AXcoOmRQeiBZIDrItqUXjMv5y31hOvjfLMbR692lsBqa6EI1p7cN6gW4s12l3EmWBXIZXyaUnT0VPhWot5is1w0w4kra3kZllbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852668941767&us_privacy=1---
Request Chain 268
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_cver=1&google_push=AXcoOmSYCN9yW4WclaEW3MmjoWCYSIj6-lUrW4Mdp8YwIITLCWfQB_DPvd6RZkAXhY3YE4vS99PEmHHMqRt61yPu6LeKhlwUc3jZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_hm=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&google_nid=index&google_push=AXcoOmSYCN9yW4WclaEW3MmjoWCYSIj6-lUrW4Mdp8YwIITLCWfQB_DPvd6RZkAXhY3YE4vS99PEmHHMqRt61yPu6LeKhlwUc3jZ
Request Chain 269
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTmp98eKrdJfCkKs76BjKCZ64hyTIfldPHBLH_4srFX1m86mXZ_pzEf9gcuCGfD1lF_o6nP7YqfP9HwBJAoGPFsQkn6Bjl4%26google_hm%3D%5BUID%5D&google_gid=CAESEJCLw_5yFOTQWg6BjRSNlzc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTmp98eKrdJfCkKs76BjKCZ64hyTIfldPHBLH_4srFX1m86mXZ_pzEf9gcuCGfD1lF_o6nP7YqfP9HwBJAoGPFsQkn6Bjl4&google_hm=88b28cb9-490f-4de0-a502-23ebbbf43de1
Request Chain 270
  • https://cs.media.net/cksync?type=g&google_gid=CAESEJDPhSrR4GAptRjQDzKGiTw&google_cver=1&google_push=AXcoOmTp7Ox7IccdandTPrIMhVyHhsaqVaZMUd8UPtKeNl0Six9UZSB_p5IMi7ABUKLB72RhCdoksj8Y42X9YI-iC_UzIPOFvev1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&mn_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTp7Ox7IccdandTPrIMhVyHhsaqVaZMUd8UPtKeNl0Six9UZSB_p5IMi7ABUKLB72RhCdoksj8Y42X9YI-iC_UzIPOFvev1&gdpr=&gdpr_consent=
Request Chain 297
  • https://pr-bh.ybp.yahoo.com/sync/taboola/8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
Request Chain 315
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBJNLjtAQNphj9IctxHwQuI&google_cver=1&google_push=AXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBJNLjtAQNphj9IctxHwQuI&google_cver=1&google_push=AXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 316
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKASOsNjsYS6n6rdK6tzYc0&google_cver=1&google_push=AXcoOmSihcO0bRTmGiBhCu-RHLyyjxsBPKWZLZRzGyn_BN8OsuLiZjiQMjcZaSUGuqosO1ZEIO7_OugI3_-xI-k6yW2nT0Fur7Q- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSihcO0bRTmGiBhCu-RHLyyjxsBPKWZLZRzGyn_BN8OsuLiZjiQMjcZaSUGuqosO1ZEIO7_OugI3_-xI-k6yW2nT0Fur7Q-
Request Chain 317
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFNpepKOi5arGoTQqqxgQXs&google_cver=1&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhPrzQu9KYJq1TAmGn_1DgST_qc HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFNpepKOi5arGoTQqqxgQXs&google_cver=1&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhPrzQu9KYJq1TAmGn_1DgST_qc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2MTk5Mjg3MTUyMDU1NTE4OQ&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhPrzQu9KYJq1TAmGn_1DgST_qc
Request Chain 318
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQCj2q4X77q6U-0aX8ECXIftY4DelXMnwxpiCyyRUDAPKeDPMfaPbMErMFUnEeWYnr0qo5qSWztHexh6gd_jheH3VKw8mbz%26google_hm%3D%5BUID%5D&google_gid=CAESEJCLw_5yFOTQWg6BjRSNlzc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQCj2q4X77q6U-0aX8ECXIftY4DelXMnwxpiCyyRUDAPKeDPMfaPbMErMFUnEeWYnr0qo5qSWztHexh6gd_jheH3VKw8mbz&google_hm=88b28cb9-490f-4de0-a502-23ebbbf43de1
Request Chain 319
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKK-C1LMvcRYtitK4j9d6wg&google_cver=1&google_push=AXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700045844031 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo%26google_hm%3DAykbxdljTEY7qHukeZ8y-PE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo&google_hm=AykbxdljTEY7qHukeZ8y-PE
Request Chain 321
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRedM-JZXwlW3186wQJuzC2qTl3WziLiOlF8hVf9ydbW7yuh_6v151GHt2Y53i7trA5w1iIXEboRCF13zJzyfSjQlCNLLBDjg&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVYjlhZjQ5MTBmNzNkNGFkZmFmYjY4ZjZlZGFhZGZlOTI&google_nid=opera_norway_as&google_push=AXcoOmRedM-JZXwlW3186wQJuzC2qTl3WziLiOlF8hVf9ydbW7yuh_6v151GHt2Y53i7trA5w1iIXEboRCF13zJzyfSjQlCNLLBDjg
Request Chain 327
  • https://um.simpli.fi/gp_match?google_gid=CAESENl1HIqkIIm4v9KXEySHQEU&google_cver=1&google_push=AXcoOmTbfrDykLvbl96rFKTnIAI067eXk_0RoIUh6cwHG5823fOVHc7mI4sU1pD_lzHLmMyQpbqUkq3RjkexaEacwSrQx9xOJgM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC90A40E437D411EBE6188384A13407E&google_push=AXcoOmTbfrDykLvbl96rFKTnIAI067eXk_0RoIUh6cwHG5823fOVHc7mI4sU1pD_lzHLmMyQpbqUkq3RjkexaEacwSrQx9xOJgM
Request Chain 328
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL1_uHbPa5HVDNYIj4u7FYE&google_cver=1&google_push=AXcoOmQUM1REHXXnGg1N7xH5SJop3z8UFD3XpZur2JAQmauyVaYY6cvx4BU3ibKiDTVc8CBk-Yf3VSFo3cEhg3q9f9NHjO8gjW4 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL1_uHbPa5HVDNYIj4u7FYE&google_cver=1&google_push=AXcoOmQUM1REHXXnGg1N7xH5SJop3z8UFD3XpZur2JAQmauyVaYY6cvx4BU3ibKiDTVc8CBk-Yf3VSFo3cEhg3q9f9NHjO8gjW4&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kvGJxUStQGacuXsMsoRQWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQUM1REHXXnGg1N7xH5SJop3z8UFD3XpZur2JAQmauyVaYY6cvx4BU3ibKiDTVc8CBk-Yf3VSFo3cEhg3q9f9NHjO8gjW4
Request Chain 329
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKdO55vIlxfI_-lAtABTEtI&google_cver=1&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmwg_GncLGBNv95-P4je579Mkhu1yRX0h16WX7Z0M6zdA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmwg_GncLGBNv95-P4je579Mkhu1yRX0h16WX7Z0M6zdA&google_gid=CAESEKdO55vIlxfI_-lAtABTEtI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzA3NTI4Mjk1OTcyMjIzOTY3NQ%3D%3D&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmwg_GncLGBNv95-P4je579Mkhu1yRX0h16WX7Z0M6zdA
Request Chain 331
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQ1J9hGnIda6AN65hZ-OF2mcIrljfe0vYTmnfIftvc3kp4gI0mgnpbON3sNPOJqQzz5Cia9kT4MB_NgE2dcYRNxw_E9T3_H&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVZGQ4ZDgzMDM4ZjI5NGRmNmFjYmY0MWVlNTIyYTNiNGY&google_nid=opera_norway_as&google_push=AXcoOmQ1J9hGnIda6AN65hZ-OF2mcIrljfe0vYTmnfIftvc3kp4gI0mgnpbON3sNPOJqQzz5Cia9kT4MB_NgE2dcYRNxw_E9T3_H
Request Chain 332
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK_pMkAdwB8JFZLGTvkEE6k&google_cver=1&google_push=AXcoOmTp8qvj--pVjCJXrFcV5ZBCWV6Genzgb__t3QqbFmIKOdZ6Tsx1JkZ7ZtcP3f5HHKiXdRfyTua4s53sKiv8pyh6Se0kI8Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWYxYTgzZGMtMzM0Ni00MGI3LWIwOTEtZWViMGI2OTljNDU2&google_push=AXcoOmTp8qvj--pVjCJXrFcV5ZBCWV6Genzgb__t3QqbFmIKOdZ6Tsx1JkZ7ZtcP3f5HHKiXdRfyTua4s53sKiv8pyh6Se0kI8Y HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 333
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF3XiuTf5InAMC2j58dpoVo&google_cver=1&google_push=AXcoOmRZnu3oYMyXxTJBr_JWciSN3mOH6C4-7Bx0k8CVYxN_3L1sGsvE-PnCuDZU-mq0cjm9DS-Pxr8mYY13GxXqv2YcFJW_1WNi HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF3XiuTf5InAMC2j58dpoVo&google_cver=1&google_push=AXcoOmRZnu3oYMyXxTJBr_JWciSN3mOH6C4-7Bx0k8CVYxN_3L1sGsvE-PnCuDZU-mq0cjm9DS-Pxr8mYY13GxXqv2YcFJW_1WNi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b0448ec-d5e2-415e-a5d4-664128ef3abf&%%GOOGLE_PUSH_PAIR%%
Request Chain 349
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2 HTTP 302
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=da3c39d4fd467e57b379474c57cbae3e
Request Chain 350
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA64RrwaWF365zJwabTMp2E48p7lpsjRsbm9aTkLLvTXuHYMcELK16y6FTmPW4Hwcdg&format=gif
Request Chain 351
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2 HTTP 302
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyTTVNbEs2P6c5jQdLOQAoNlWsbZD9Y1Zvd9rBjHnG4z_nOuVrzu5k8fVnFJQl4mLA&format=gif
Request Chain 352
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2 HTTP 302
  • https://g.c.appier.net/ge HTTP 302
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=Gi1SbHcCAei4bY3QFaRUZQ
Request Chain 359
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=aa1bac58-7ee0-4efd-9836-3cf023571424&o=2374108293&callback=OX_2374108293&ju=https%3A//www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1 HTTP 302
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=aa1bac58-7ee0-4efd-9836-3cf023571424&o=2374108293&callback=OX_2374108293&ju=https%3A//www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Request Chain 392
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TVlzjBpYd4lWCneNGVRri0pfIo5WCX_cSAldnz9t
Request Chain 393
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1861992871520555189
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOIDJhOlahXZsU5W4EOMZgI&google_cver=1
Request Chain 403
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 408
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7326357577168534038
Request Chain 409
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HqPRrRZHROA0Lw1SQ2iFNfcY
Request Chain 411
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7177849136 HTTP 302
  • https://sync.1rx.io/usersync/turn/2438261541404852095?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003
Request Chain 412
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5142336726325955581
Request Chain 413
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=88b28cb9-490f-4de0-a502-23ebbbf43de1
Request Chain 414
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 415
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
Request Chain 416
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-012c6e6a-29df-3715-b451-0d83bd8b7c96&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTJjNmU2YS0yOWRmLTM3MTUtYjQ1MS0wZDgzYmQ4YjdjOTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wMTJjNmU2YS0yOWRmLTM3MTUtYjQ1MS0wZDgzYmQ4YjdjOTYyAh8GOAE=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
Request Chain 417
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
Request Chain 419
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 420
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=5cfd6b5d6f63419e90811ed3658b5d56 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2438261541404852095 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e3492547-5570-4d85-8558-20a12cec997a HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=0e40bdaf-e27a-47fe-88db-537582e975e6%3A1700045846.2191541&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0e40bdaf-e27a-47fe-88db-537582e975e6%253A1700045846.2191541%26_%3D1700045846.2223113&cb=1700045846.2223504 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726325955581&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0e40bdaf-e27a-47fe-88db-537582e975e6%253A1700045846.2191541%26_%3D1700045846.2223113 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=0e40bdaf-e27a-47fe-88db-537582e975e6%3A1700045846.2191541&_=1700045846.2223113 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjcwZTQwYmRhZi1lMjdhLTQ3ZmUtODhkYi01Mzc1ODJlOTc1ZTY6MTcwMDA0NTg0Ni4yMTkxNTQxEAAaDQiWyNKqBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHtaJowL63Yw3dX2jPRG9a4&google_cver=1
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_cver=1
Request Chain 424
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715770645&external_user_id=05234b0e-250a-4b5e-a4e3-4d9868ce08dd
Request Chain 425
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
Request Chain 426
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=69a3b6904d631848&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIy2Fw3e6bUwMRAkjfAAAAAAA&expiration=1700132245&is_secure=true
Request Chain 430
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 432
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e349254755704d85855820a12cec997a HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2438261541404852095 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e3492547-5570-4d85-8558-20a12cec997a HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3b26b712-369f-4b71-9918-63f7b98fce69%3A1700045846.2289739&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3b26b712-369f-4b71-9918-63f7b98fce69%253A1700045846.2289739%26_%3D1700045846.231005&cb=1700045846.2310421 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726325955581&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3b26b712-369f-4b71-9918-63f7b98fce69%253A1700045846.2289739%26_%3D1700045846.231005 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3b26b712-369f-4b71-9918-63f7b98fce69%3A1700045846.2289739&_=1700045846.231005 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=48507131891807019
Request Chain 433
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7326357577168534038
Request Chain 435
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ezeWbCw2kmlgZJJtLzqOa3wxx25gZ5o8fmf3mj6I
Request Chain 437
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EC90A40E437D411EBE6188384A13407E
Request Chain 438
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 443
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/7168262712027533764
Request Chain 447
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7326357577168534038
Request Chain 448
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7a9f0a61-2c0a-4042-8702-8f42550e303c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c24c36e9-7ceb-4bea-bd02-725a4a4219e5&expires=1&user_group=5&ssp=gumgum2&bsw_param=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 449
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=33bcadbb-0c3b-08b5-34e5-2a07db3352f7
Request Chain 450
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-559ea09d-024b-5524-5aa6-0fd67e4fbc20$ip$176.10.106.5
Request Chain 451
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-7BEaulpE2pdrbdDKt34YFxOdc3q_PzSn7hds~A
Request Chain 452
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=234bade2-ecb2-40f0-b4cd-4730af60b55e
Request Chain 454
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7a9f0a61-2c0a-4042-8702-8f42550e303c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_7a9f0a61-2c0a-4042-8702-8f42550e303c&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=HIFgeU4I6Gp6hq--SPAE&gdpr=0&us_privacy=1---
Request Chain 455
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=gfixybuSFOC7&ev=1&pid=558355
Request Chain 456
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7168262712027533764
Request Chain 458
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/48507131891807019
Request Chain 460
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=1861992871520555189&gdpr=0&gdpr_consent=
Request Chain 465
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=44NTvbSCV7j40Fe8t45LuuSFAr_401_t5tNBzimq
Request Chain 466
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzE2ODI2MjcxMjAyNzUzMzc2NA==&gdpr=0&gdpr_consent=
Request Chain 467
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGxobG90QmNneWVUbkdNSHdJVW5OQmFkUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDhsaGxvdEJjZ3llVG5HTUh3SVVuTkJhZFEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDhsaGxvdEJjZ3llVG5HTUh3SVVuTkJhZFEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDhsaGxvdEJjZ3llVG5HTUh3SVVuTkJhZFEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1861992871520555189&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDhsaGxvdEJjZ3llVG5HTUh3SVVuTkJhZFEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=8lhePALZGkWSWWbma2a2tNTJQ&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=7168262712027533764&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 468
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=061bb0cf-5b7a-4bdd-9180-1868ef2559cb&gdpr_consent=null&gdpr=0
Request Chain 469
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LOZNEET6-1Q-1N34?gdpr=0
Request Chain 471
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVSkFcCo8X8AAE54v1IAAAAA
Request Chain 472
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=gumgum&tc=1
Request Chain 473
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 475
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 476
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=18b1af95784d4754dd872abc93894654
Request Chain 477
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4113075282959722239675
Request Chain 478
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5dd8ebcf-5bbc-0fb7-2b06-231d5360d954
Request Chain 479
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 480
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVSkEpCJnkWPntFBDNTn7gAA%263345
Request Chain 486
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8
Request Chain 487
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=48507131891807019&gdpr=0&gdpr_consent=
Request Chain 488
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7301641305985841294&gdpr=0&gdpr_consent=
Request Chain 489
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VZ6gnQJLVSRapg_Wfk-8ILAKagU&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 490
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Request Chain 491
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb9af4910f73d4adfafb68f6edaadfe92
Request Chain 492
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWC1FN0txVWdBQUJQbXpJa2RLQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEX-E7KqUgAABPmzIkdKA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEX-E7KqUgAABPmzIkdKA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEX-E7KqUgAABPmzIkdKA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7168262712027533764&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEX-E7KqUgAABPmzIkdKA&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 494
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVSkFQAD9Hez5AAU
Request Chain 495
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 496
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 497
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4007090260949525310
Request Chain 498
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336726325955581
Request Chain 503
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kvGJxUStQGacuXsMsoRQWw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 504
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=&ct=y
Request Chain 505
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3195655375
Request Chain 506
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGxoZVBBTFpHa1dTV1dibWEyYTJ0TlRKUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1861992871520555189&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTJGMTg5QzUtNDRBRC00MDY2LTlDQjktN0IwQ0IyODQ1MDVC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 508
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRaaHrsgQM5wdtD4sDXGQo&google_cver=1
Request Chain 510
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1861992871520555189
Request Chain 512
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Pqqmb2tE2uWVFh1oLvLk_G0nKWH80mc-~A&gdpr=0
Request Chain 514
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a844fc12-9a52-433d-8320-5b21d2f072eb-6554a415-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 515
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=481ab759cdfc179d&is_secure=true&networkId=17100&version=1&nuid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIYBazbT1dogN3HjH_AAAAAAA&expiration=1700132245&nuid=92F189C5-44AD-4066-9CB9-7B0CB284505B&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Request Chain 516
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2438261541404852095&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Request Chain 517
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7003ae82-8c46-412e-8bca-1edaae5d19ff&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Request Chain 518
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOZNEET6-1Q-1N34 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LOZNEET6-1Q-1N34
Request Chain 520
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/3f076d65-d70a-41f5-9e80-a0b0a0451eb4&partner_id=1010
Request Chain 521
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/61cbcb5d-144b-0e7d-15eb-fd066ddffbc3
Request Chain 523
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=e5b62b22524fca0ec9b91a025e2fcd&gdpr_consent=&gdpr=0
Request Chain 524
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Request Chain 527
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1861992871520555189
Request Chain 529
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 530
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOZNEET6-1Q-1N34 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOZNEET6-1Q-1N34
Request Chain 531
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q?pi=smilewanted
Request Chain 538
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5142336726325955581
Request Chain 539
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVSkFQAD9Hez5AAU
Request Chain 542
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=669254a9b9c018fd&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIy2Fw3e6bewMCIMtUAAAAAAA&expiration=1700132246&nuid={OX_USER_ID}&is_secure=true
Request Chain 543
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=VZ6gnQJLVSRapg_Wfk-8ILAKagU
Request Chain 544
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=G9eD942oic216nZdwHppCw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 546
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2e9e754b-91f5-4f82-8feb-d0e67474fa77&ssp=openx&expires=30&user_group=5&bsw_param=9b0448ec-d5e2-415e-a5d4-664128ef3abf HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent=&us_privacy=
Request Chain 547
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=openx&gdpr=0
Request Chain 559
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=30d090c21b5bce22/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYaQaRajXbhVhjnXX%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=c27aa4038a938aacec2d17dcb0674c2c&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYaQaRajXbhVhjnXX%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYaQaRajXbhVhjnXX&gdpr=0&gdpr_consent=
Request Chain 561
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EC90A40E437D411EBE6188384A13407E&gdpr=0&gdpr_consent=
Request Chain 562
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2373514368
Request Chain 565
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=92F189C5-44AD-4066-9CB9-7B0CB284505B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=92F189C5-44AD-4066-9CB9-7B0CB284505B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 566
  • https://pixel.onaudience.com/?partner=214&mapped=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b231cba2ecdf59df/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=c27aa4038a938aacec2d17dcb0674c2c&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

583 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
www.bg3.co/a/ 		58 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ef47d30d652b4be15f970935fa13b1e03fe301553ea250f582fc69b0ed37bb4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 10:57:20 GMT
etag
"e613-o9hrnNgUvNrjyLhNoel2w0SQVz4"
expires
Wed, 15 Nov 2023 10:58:20 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 15 Nov 2023 10:57:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 10:57:20 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 15 Nov 2023 10:57:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 10:57:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80766eaa75dc693502e8747e094c14fda080a0d2eab6f9e0d2a86d6b69140163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30477
x-xss-protection
0
server
cafe
etag
290 / 19676 / 31079658 / config-hash: 8561109728819297004
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:21 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c33ff1761b261ed8a54102f316494819d6d2808ae58202812cbf7df819bf41c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91446
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Nov 2023 10:57:20 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 10:06:13 GMT
server
cloudflare
age
23632
etag
W/"65534695-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8266f90a1e16baed-MXP
expires
Wed, 15 Nov 2023 16:23:28 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 15 Nov 2023 11:57:21 GMT
date
Wed, 15 Nov 2023 10:56:22 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Wed, 15 Nov 2023 07:59:25 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/ 		750 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3323) /
Resource Hash
6ecccaba1aafb9b9d6ab52ff77ff86b10eaa3e1b42476f3b2f1b6c129a9929d9

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
age
11001
x-cache
HIT
x-client-device
desktop
content-length
158253
x-ap-device
DESKTOP
last-modified
Mon, 13 Nov 2023 19:43:58 GMT
server
ECAcc (muc/3323)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Wed, 15 Nov 2023 11:57:21 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		668 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b4360d495b9f0d25587e02aa74e8a804291da498f704eddffc8f5134a5a50f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8dQUC6NMhgrgiCFNrmS_spWvnSfqhYNM
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:21 GMT
x-amz-request-id
TCHM1DJNX4B0N3EH
age
1
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
FAILED
content-length
56510
x-amz-id-2
G3TK1cLOUrN4Os8+/n0FgROjgVnqAHneINHfcnntS3eRhubXsTlnciL8UIdO2PB5humSb84LeqA=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 14:33:45 GMT
server
AmazonS3
x-timer
S1700045841.974139,VS0,VE618
etag
"8c9cdeb26e44125c554d49678062182b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12815
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mONyPyZqv5bMqqtR%2Bsb2zlrIhOKklEiiWlAmmt9UDMK53c9p2%2BzxGH%2Bynv%2F7Hk%2F5J7CYSNypLH9Ssi5FS0MGDPxiS8E7wZlk4hJgKhhKzgxAZbms6iw1UcM09B8hgDr3sNtzPptiIPJyWaipuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8266f90dae2759cb-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		327 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:20 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-662
cdn-cachedat
10/18/2023 10:50:29
cdn-pullzone
873945
last-modified
Wed, 18 Oct 2023 10:48:10 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"652fb7ea-51d4f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
777e01b16b1ba8de494b83f7f307b315
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
t.php
c.statcounter.com/ 		192 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=ED32D45C15374FB28A2AA5B399E4861A&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&t=%E8%AA%8D%E8%AD%98%E7%9A%84%E5%A5%B3%E4%BA%BA%E9%83%BD%E5%8F%AB%E4%BE%86%EF%BC%81%E5%8B%9D%E5%88%A9%E6%80%A7%E6%8B%9B%E5%BE%85%E6%97%A5%E5%95%86%E9%82%84%E4%BB%94%E7%B4%B0%E5%8F%AE%E5%9B%91%E3%80%8C%E7%99%BE%E5%80%8D%E5%A5%89%E9%82%84%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2476&sc_rum_e_e=2492&sc_rum_f_s=0&sc_rum_f_e=2469&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8266f90a8e85baed-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
aa002785cfe427d3749b1467babfc33b.jpg
static.bg3.co/imgs/202106/ 		0
0
3cdc122d055526e16fb9313c569df057.jpg
static.bg3.co/imgs/202309/ 		0
0
b0c2e8e1461cd16d6061d434232da91d.jpg
static.bg3.co/imgs/202309/ 		0
0
7afbca5d6ce79939ebba39b0c57847cc.jpg
static.bg3.co/imgs/202106/ 		0
0
98aef8785adb1c6e2dea2963c45a511f.jpg
static.bg3.co/imgs/202105/ 		0
0
ef34e2bdee6e1a4eeb04ad8a81a81c02.jpg
static.bg3.co/imgs/202105/ 		0
0
01d91856e6768f229c3ede8dc9c5f23c.jpg
static.bg3.co/imgs/202105/ 		0
0
692724cd05f467eed065daad093f9527.jpg
static.bg3.co/imgs/202105/ 		0
0
9e18714a714d4df24457e6012541d777.jpg
static.bg3.co/imgs/202105/ 		0
0
ab60c5c1c97f6fd1a0b72d56e49298dd.jpg
static.bg3.co/imgs/202106/ 		0
0
c6ad0aa2daa483e7437ad68f36f76b8d.jpg
static.bg3.co/imgs/202105/ 		0
0
f470d983a2abeb41e0f2008f333aa827.jpg
static.bg3.co/imgs/202106/ 		0
0
89454e5b577279e82783d2ea5f3b8cb2.jpg
static.bg3.co/imgs/202105/ 		0
0
9049f7d59f2e1209cf6b3fa330453779.jpg
static.bg3.co/imgs/202105/ 		0
0
19164cfd3bf7b0ca4992e392dead587a.jpg
static.bg3.co/imgs/202105/ 		0
0
d8f3fd80a46a7cdb8a203fced0451e9c.jpg
static.bg3.co/imgs/202309/ 		0
0
968aa298eee2c7c5e46c773ecc588ff2.jpg
static.bg3.co/imgs/202105/ 		0
0
1fc0af5c17676ac808940582afa5bc65.jpg
static.bg3.co/imgs/202106/ 		0
0
100a421dab8da16cd26064baffe97125.jpg
static.bg3.co/imgs/202310/ 		0
0
3db1fbe2f43b50a8af08cd98918ab338.jpg
static.bg3.co/imgs/202110/ 		0
0
d21edbcc85c38bedd1e4463e4bff9549.jpg
static.bg3.co/imgs/202106/ 		0
0
255c10d61e3d52d72c2d31c8c188ab07.jpg
static.bg3.co/imgs/202106/ 		0
0
358644ab4c71dd184cf61fef9e53bf83.jpg
static.bg3.co/imgs/202309/ 		0
0
3292827c832174ca5d4f6eb2984ea724.jpg
static.bg3.co/imgs/202105/ 		0
0
6c9e86b684a9a9e61795c4ef62fea742.jpg
static.bg3.co/imgs/202107/ 		0
0
3d79ae5215dcef91b20265ced5a03f90.jpg
static.bg3.co/imgs/202309/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 21:40:31 GMT
age
47810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 21:40:31 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 15:59:38 GMT
age
68263
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 15:59:38 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4807741
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6983-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700045841.297050,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13, 281976
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700045840912&gcd=11l1l1l1l1&dma=0&cid=1672339767.1700045841&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700045841&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dt=%E8%AA%8D%E8%AD%98%E7%9A%84%E5%A5%B3%E4%BA%BA%E9%83%BD%E5%8F%AB%E4%BE%86%EF%BC%81%E5%8B%9D%E5%88%A9%E6%80%A7%E6%8B%9B%E5%BE%85%E6%97%A5%E5%95%86%E9%82%84%E4%BB%94%E7%B4%B0%E5%8F%AE%E5%9B%91%E3%80%8C%E7%99%BE%E5%80%8D%E5%A5%89%E9%82%84%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2732
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 17:33:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
62650
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 13 Nov 2024 17:33:11 GMT
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/331F) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
age
736327
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (muc/331F)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 10:57:21 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/330F) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
age
8308108
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (muc/330F)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 10:57:21 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:3b73:e7ee:7fde:90af Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3370) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
age
5378184
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (muc/3370)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 10:57:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b77b6497455ba7ca638901b38418e1f3fb1c858de87a1087e5334929ec237b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31529
x-xss-protection
0
server
cafe
etag
92 / 19676 / m202311090101 / config-hash: 8561109728819297004
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:21 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAwNDU4NDE0MDEsInBhY2tldElkIjoiMDAwMEE3MDEtMWMyOWVjZjEtZmJlNi00YzFhLWI4NjEtM2EzMWI1N2U0OWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Jlbi1zaGktZGUtbnUtcmVuLWR1LWppYW8tbGFpLXNoZW5nLWxpLXhpbmctemhhby1kYWktcmktc2hhbmctaHVhbi16aS14aS1kaW5nLXpodS1iYWktYmVpLWZlbmctaHVhbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=2871.2999954223633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAwNDU4NDE1MjgsInBhY2tldElkIjoiMDAwMEE3MDEtMWMyOWVjZjEtZmJlNi00YzFhLWI4NjEtM2EzMWI1N2U0OWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Jlbi1zaGktZGUtbnUtcmVuLWR1LWppYW8tbGFpLXNoZW5nLWxpLXhpbmctemhhby1kYWktcmktc2hhbmctaHVhbi16aS14aS1kaW5nLXpodS1iYWktYmVpLWZlbmctaHVhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2997.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAwNDU4NDE1MzUsInBhY2tldElkIjoiMDAwMEE3MDEtMWMyOWVjZjEtZmJlNi00YzFhLWI4NjEtM2EzMWI1N2U0OWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Jlbi1zaGktZGUtbnUtcmVuLWR1LWppYW8tbGFpLXNoZW5nLWxpLXhpbmctemhhby1kYWktcmktc2hhbmctaHVhbi16aS14aS1kaW5nLXpodS1iYWktYmVpLWZlbmctaHVhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3004.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAwNDU4NDE1MzcsInBhY2tldElkIjoiMDAwMEE3MDEtMWMyOWVjZjEtZmJlNi00YzFhLWI4NjEtM2EzMWI1N2U0OWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Jlbi1zaGktZGUtbnUtcmVuLWR1LWppYW8tbGFpLXNoZW5nLWxpLXhpbmctemhhby1kYWktcmktc2hhbmctaHVhbi16aS14aS1kaW5nLXpodS1iYWktYmVpLWZlbmctaHVhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3006.7999954223633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1650524014564366&correlator=1650522523645820&eid=31079666%2C31079668%2C31079658%2C44807410%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700045841567&lmt=1700045841&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1672339767.1700045841&ga_sid=1700045842&ga_hid=869039616&ga_fc=true&dlt=1700045840888&idt=614&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0_pv%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_2%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_2%26adro%3Dv8_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ff8b551579e61afcd10bd1fe8b5093e9411c257cff7b6f9883b8b458b474670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449155128
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2031 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:21 GMT
expires
Thu, 14 Nov 2024 10:57:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl_page_level_ads.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 17:37:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
62371
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13740
x-xss-protection
0
server
cafe
etag
13319621592303420164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 13 Nov 2024 17:37:50 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAwNDU4NDE1MjgsInBhY2tldElkIjoiMDAwMEE3MDEtMWMyOWVjZjEtZmJlNi00YzFhLWI4NjEtM2EzMWI1N2U0OWQ0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Jlbi1zaGktZGUtbnUtcmVuLWR1LWppYW8tbGFpLXNoZW5nLWxpLXhpbmctemhhby1kYWktcmktc2hhbmctaHVhbi16aS14aS1kaW5nLXpodS1iYWktYmVpLWZlbmctaHVhbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3053.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 22 Nov 2023 10:57:21 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
905
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57XfAnLmRDwmOmogTs%2Bf473VGFGV5WMW0AUBXh0epJ%2BbSKds6b0YrUAqWvD%2FaLqtwt7fXL3QmyqiSv7Phl1fE9ePd8XX%2Bnv2yCJVqTnf5Kes5JVqPOjRDRV59fT%2BJGrAQMd5WaqyS9VYyIDPww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8266f90e2eb759cb-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
14b8258a61e9708810dc58cd90b99b01dbb5e33b3b1317b285d165eeaff6c7e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231115
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47145094ab81b3f3cb910552afd76293d2af76934b75182b2abe5c32ca90411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24989
x-jsd-version
1.0.1874
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mad2200103-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-Pdh44WJsRHrBTVvu8eInnGhz960"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Txsk%2Fx%2BFdHeqiLLm%2F1QyibZKMcVhlaVI6IrV8MwM3LP%2FVLr8GHM7pOM3ZQsLcujaYWQ4nvIXC1sgY1KHaVXjMlBveOdMbGj4wpA1aNJlTnJjYCN0CjNaZWxS5NBCbrOituPnJX5PaUCaKoHk5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8266f90e9abe3cb1-CDG
prebid
ib.adnxs.com/ut/v3/ 		247 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bc61fde3c0fc7956df42489563652fbcc76999f43fb36235c40705faeb0d243e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
an-x-request-uuid
5feeb9de-5527-486c-a1f2-c028ad80a0db
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
247
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.136.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-136-176.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4378d18f09d81984f4eae7d306eddf5fcfebaf12d9c903a31334c12c9c190f74

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 15 Nov 2023 10:57:21 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
d17bd778d9055f880b83d86f4bd0c6292e894cea5c9d0df3243224a887bcfe73

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.2.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		506 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=7243aadc-1a9c-40eb-9528-d74a386ee37a%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%AA%8D%E8%AD%98%E7%9A%84%E5%A5%B3%E4%BA%BA%E9%83%BD%E5%8F%AB%E4%BE%86%EF%BC%81%E5%8B%9D%E5%88%A9%E6%80%A7%E6%8B%9B%E5%BE%85%E6%97%A5%E5%95%86%E9%82%84%E4%BB%94%E7%B4%B0%E5%8F%AE%E5%9B%91%E3%80%8C%E7%99%BE%E5%80%8D%E5%A5%89%E9%82%84%E3%80%8D&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=f33cd713-5b6d-4e08-96c3-4fc5232316ec%3Bb6a7efce-c584-4c9a-90a3-874a1b1c7bd9&l_pb_bid_id=85f6ea0a1ae284%3B9e4ecb513f57ad&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f33cd713-5b6d-4e08-96c3-4fc5232316ec%3Bb6a7efce-c584-4c9a-90a3-874a1b1c7bd9&rp_maxbids=1&slots=2&rand=0.5780777257742022
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4387ec708011f0918d3f0b2f5721fe41a2df0d5b709b57c58a0550a33ff1ed14

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
a2f1b394484a13ac3ecc682b06780ed0e76070e3268649917343df5634c68794

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Nov 2023 10:57:21 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a1945d0946796f7b901dc5016438ee373b61202b424a69992530dd65ff58df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5f7aTOVmR3od9OKC%2B63GvQLBsHtQ2oUDfMkU3QKFbLerKN%2FMfYc0EC5LuShKME2sWZY%2F0JPLbUrSBHIVhP1q9hLSMJMefhkRK9XKGqSE3Q3IO%2FS222mRD6gkApZjV0xG1KP%2B6SO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8266f90ed93523af-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebb3b33f5530ad6aa56e548eac5c8d1213770769cd358a98c8a3e740f38c3a3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgY2LHdEEYv0cloXpw4bp7H7h40ST4EwEdEiRcCqd8XhKtiowjZd2mG%2BnNwUHDwyoewTDugabtELy0xi%2FMWniU7vV12qgTwMeRchaolB6AlFDF4BQf%2FW1wBy4vsjdDre3OyDHibB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8266f90ed93123af-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebb3b33f5530ad6aa56e548eac5c8d1213770769cd358a98c8a3e740f38c3a3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sj%2BBddohvJ6tWUXhnWCBnJ3j3Unyy9yySOftvtEHkb1MOYZzYLjl7qtNy5kRc3kKCggtciRvkDcR5as8kV80JWTkaMU9b%2BAt5JDhMimlvP7pX3et5xGuMe2W3YXdrrLgy5AGY%2Fqr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8266f90ed93623af-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 15 Nov 2023 10:57:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
adreq
ads.servenobid.com/ 		592 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2039
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5bc63d04676b0420227e8fb58c5790d7292495aca8f6d585c177f620a9d63fc9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.98.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-98-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
40
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8266f90ee98c0e03-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8266f90ef9900e03-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebidjs
rtb.openx.net/openrtbb/ 		53 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a9e2b6fd2efae166927434940073a5cd2928df3814349e3648993f805547411e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 15 Nov 2023 10:57:21 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 15 Nov 2023 10:57:21 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
bid-request
a.teads.tv/hb/ 		16 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 15 Nov 2023 10:57:21 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=95563546202&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 15 Nov 2023 10:57:21 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7340226736211857&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:22 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.144.5.218 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
139-144-5-218.ip.linodeusercontent.com
Software
/ Express
Resource Hash
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Nov 2023 10:57:22 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3737
etag
W/"e99-DlD8MarDyco2rkZchfDXSV4nBa4"
content-type
application/json; charset=utf-8
impl.20231114-18-RELEASE.js
cdn.taboola.com/libtrc/ 		817 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
bbe7ac7e8545aa2e0cdf39284056141e8eb4db4aa1142c98ee7ae6b524421462

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
s23UUuLr_pPDU98N5xnWTQW02gstNwYE
content-encoding
br
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:21 GMT
x-amz-request-id
TV4ZJ4GK0SN6H3HG
age
19998
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173322
x-amz-id-2
BtOQUWt6mIxVzBDlw2BiEx1yGhDZBllKlqc4FzwEzzBsFdW8ZsNZl4ABHgXa9NU8+FMwfNYvDKc=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:24:03 GMT
server
AmazonS3-br
x-timer
S1700045842.751266,VS0,VE0
etag
"8f2e2e67da9786e9b1c8c5cee60e22e2"
vary
Accept-Encoding
content-type
application/javascript
abp
37
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
36493
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:14:32 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2569
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
zdd1uydALrrcBkaB1Ew1_qqxmIIJfpji5c2sgUC4p3gWjEwykKUKMA==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
215523
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		41 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=11%3A57%3A21.835&lti=deflated&data=%7B%22id%22%3A834%2C%22ii%22%3A%22%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1699972418870%2C%22vi%22%3A1700045841829%2C%22cv%22%3A%2220231114-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html%22%2C%22vpi%22%3A%22%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3540%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3419.546875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5135ef43e311a30d3984560af2eef53dc97ea1da1645ec11e4475e3ef934a48

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
398
date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.7952083333333334
x-fastly-to-nlb-rtt
80373
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6923-MXP
x-log-content-encoding
gzip
server
nginx
x-timer
S1700045842.850046,VS0,VE398
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css2
fonts.googleapis.com/ Frame 2B01 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 Nov 2023 10:57:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 09:07:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Nov 2023 10:57:21 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2B01 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 17:53:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
61453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 17:53:08 GMT
pixel;r=1508087380;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html;uh=e51ed67dfb8d...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1508087380;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-439230185-1700045841749;pbc=7243aadc-1a9c-40eb-9528-d74a386ee37a;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700045841961;tzo=-60;ogl=;ses=796816c9-acaf-4c51-95a6-2893f6c8c23e;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9yZW4tc2hpLWRlLW51LXJlbi1kdS1qaWFvLWxhaS1zaGVuZy1saS14aW5nLXpoYW8tZGFpLXJpLXNoYW5nLWh1YW4temkteGktZGluZy16aHUtYmFpLWJlaS1mZW5nLWh1YW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTFjMjllY2YxLWZiZTYtNGMxYS1iODYxLTNhMzFiNTdlNDlkNCIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJkN2VjMmY1Ny05YTY2LTRhNDQtODA5Mi04MDU0NzlkYmZmNDgiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwMDQ1ODQxNjU1LCJiaWRzIjpbeyJjcG0iOjAuMDMsImFkSWQiOiI3NTJlMThhNDU0YTkzZTgiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6Mjg5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDA0NTg0MTk2NX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJpeCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzUyZTE4YTQ1NGE5M2U4IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5N30seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZDdlYzJmNTctOWE2Ni00YTQ0LTgwOTItODA1NDc5ZGJmZjQ4IiwidGltZU9mQXVjdGlvbiI6MTcwMDA0NTg0MTY1NSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19XSwiY291bnRyeSI6IkNIIn0%3D&c_b=3457.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1650524014564366&correlator=3343485012425547&eid=31079666%2C31079668%2C31079658%2C44807410%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height%2Cheight&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&arp=1&abxe=1&dt=1700045841997&lmt=1700045841&adxs=236%2C315&adys=60%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vis=1&psz=728x-1%7C970x-1&msz=728x-1%7C970x-1&fws=4%2C516&ohw=728%2C1600&psts=AOrYGskBo8fffrSJXwFfKYRscHcz-dcUZgK6yy5TMN37AWUUQmJkbV30qGBYMAk7LUiI2w0-hydrXLWn1wDsLH1cU3E&ga_vid=1672339767.1700045841&ga_sid=1700045842&ga_hid=869039616&ga_fc=true&dlt=1700045840888&idt=614&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26fcEnabled%3D0%7CstopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_2_0%26cluster_reporting%3Dchrome_DESKTOP_2_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D752e18a454a93e8%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_2%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_2%26adro%3Dv8_c%26faid%3Dfalse&adks=1420297610%2C2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd0129194416ecf1c481ba749bb12d1a13a889a18dce7578f7baf015c3002170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20349
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
a1551001.js
js.genieessp.com/t/551/001/ Frame FF08 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/551/001/a1551001.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:10:59 GMT
server
nginx
etag
W/"65016e93-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Wed, 15 Nov 2023 11:12:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FF08 		199 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5410 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb786ae098bf5c6f0b2886c9651feefc62dc69a580132d059550efe86d44ab1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10183
x-xss-protection
0
server
cafe
etag
13524180167336558228
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 93FE 		714 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
12664
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8266f9111f943752-MXP
content-encoding
br
content-type
text/html
date
Wed, 15 Nov 2023 10:57:22 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yONm60AKhEhGZMVyvpiMs7h2l7Qg4jKvs0ng1wr8hw6%2B9gIHDfs%2FilRhCAkwFlaHh%2FfmmISmGVGMr5BIVT1vdAU1OC186A%2BWzTEz2HkkPalX2%2Bg%2B6C5Ss31UsnYVPoDtFgCYLapXtPG6maCpMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4CFB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Nov 2023 10:57:22 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 15 Nov 2023 10:57:22 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Wed, 15 Nov 2023 10:57:22 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 93FE 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
899cd827b6e68f174b638b32474a1a4dcf10ae941985baa9adb9417ade728e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31444
x-xss-protection
0
server
cafe
etag
670 / 19676 / m202311090101 / config-hash: 8561109728819297004
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5410 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c03555c720d8a9c4c33f6df9be1d90a433449b31d6e149f8d1b451fca2116b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52764
x-xss-protection
0
server
cafe
etag
16554491160276248369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 16:47:17 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-C1
age
1652612
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
fra1::58txd-1698598036852-d74a80e9fa02
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
Dv7N8zgreyFeQ0vMgmcH5SjbaieRiTWMhDwmUhdHekKmBgPqqQTT8g==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		519 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
b499758f19f8908ac7f96fcb014f53fc5ab0fb1b372828c83c9c0d4f76403bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-51
cdn-cachedat
11/03/2023 18:31:49
cdn-pullzone
873945
last-modified
Mon, 16 Oct 2023 11:44:57 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"652d2239-81b53"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
f9c7923f68a3922da6520b5db6b35385
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 93FE 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3676
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 14 Nov 2024 09:56:06 GMT
floating-unit.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e6781229a252e3beddf9f5747d2c20cfe07f7bb11ecc0462ce8f274e034472e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8fCUhTLFiCupLFUUUiWQWodhclxihlo3
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
H6WKSA2J3R8YC8BY
age
77447
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2494
x-amz-id-2
FBQ9L4cBY4w5TqKcoNaX22eS6f9yw/1HQiQZbsnbd8ouq+M9Og9zIrWhTqCdCoBeSa3LxBZbRgY=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:25:55 GMT
server
AmazonS3
x-timer
S1700045842.296560,VS0,VE0
etag
"eb1ef341a318339c0ce7060582f2fb8f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5209
taboola-vignette-new-scanning.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70d8debfe8539b58126335a2d54f0e17d4decf7856272a25d3ff2b54dcb36f6c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MGzCNTfQek5FW.aAcBvXk5a6HXwxGv5d
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
1S9NCWEJ299JEZM8
age
77428
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8020
x-amz-id-2
wmgyurDaSz/dBedGiuCcbYoxaPLBPNeMHkask7dbsX9pXj2jPZD/u8IkWiuJjIB9s/ZbAnHRJyE=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:25:21 GMT
server
AmazonS3
x-timer
S1700045842.297397,VS0,VE0
etag
"bfbfc3c31e1f27085db483009c7661ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2468
distance-from-article.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f9effe53a85c5f7c2b587c2985f817f08e3905ff5a090d1030aa54d298ccbf3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0vVnsUwHHUqeRdAe35VjgK5Fr5HlG2Lw
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
796J7PDF4P8Q9BRC
age
77456
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
wEcY3IzfEUrGrtDlyzPnTPZcEVLM9BmlMN6v1fFbY4cP2d/QKGbmnHbd77n5Vo8Z3Ao4xHyGgC8=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:26:14 GMT
server
AmazonS3
x-timer
S1700045842.314872,VS0,VE0
etag
"d2ac9c83bc882de82d72d7a77f42b825"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
79490
article-detection.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
195fb7f0ace546649cb50fa6f11f7eebadfd123c8d55d16e09bd2e2fcf21f1a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4Lzx0bOc8KBd_elPvF80LhHeMJL3VS1n
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
FYTWRVEGAV9S2C43
age
77453
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
eNSUcnjBjb4h1FUe0PxGWtyf2k9ALhDZrr33V5fg7oCEyJoujLrW+Y+GHVsZytqvw8kMX1KJxf8=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:26:27 GMT
server
AmazonS3
x-timer
S1700045842.314988,VS0,VE0
etag
"01edaac0f179d9e1a0106333cf61d9bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
79505
tb
15.taboola.com/ 		30 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=palmate-bg3co&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Feed&uuip=Feed%20-%20Below%20Article%20Feed&cisrf=&cirf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&encoded=1&uid=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1700045842308&tagid=&cntry=CH&platform=1&sesid=2d75a60d4ce2a796cd8767974204def0&itemid=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&viewid=1700045841829&geolat=&geoing=&deviceifa=&appid=&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ri=f49b2388bc775459075074581874dca5&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1524057&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=ZG&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1231993&prcnt=&layer=&normp=1&gvv=9058
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
739fd58fc913288fb968cd4398829c1e7addcce2c17484639aff45391b860227

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1424
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-mxp6923-MXP
pragma
no-cache
server
nginx
x-timer
S1700045842.317759,VS0,VE39
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
268fb8f58b9437ad115850150f6eb038255a9b4ffa20cb83ed67a84bf887227b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XIP9R782WB5UxyUM3xv.esl.JI3Zm3jw
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
H8W4VPD1V83JX5WM
age
77477
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
+sWYbyGxP3GppM09u88K6TNx1+KJ2H/faGOj/atQ62TR+mAcKy8V9Rne2+BLP3cgoCOqPgX2cIA=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:26:04 GMT
server
AmazonS3
x-timer
S1700045842.317789,VS0,VE0
etag
"e0513b7eb2b99350e6e812cb05322fa7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
82686
userx.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a470610882b87435d135f0a36148dc4b95a6e0b0b574efceea83c15801a1ab2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LX.Um8cZdcLk_hfPvOXzbTFJWYBBm8Ke
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
F0KFZQKSF72CHX7M
age
77497
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5399
x-amz-id-2
VgW8ZSz3DD5rGJYGgck4B0aI4WM0MFx/tx0WG/nf1PwQ1YHX0eqIaqQXYQfLWRyyy4vYbHuxpx0=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:25:15 GMT
server
AmazonS3
x-timer
S1700045842.321618,VS0,VE0
etag
"4a0ddedcda1b2a871274d8fe781b074a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11549
explore-more.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07029a31a26e00eafb71bacabca73a47d40527855c63d5e950787a8486d13da9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4dMtWhWj_HU5LSCHWYVrjc95ARp8GGlT
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
FYTS6MFKHV8BCTB6
age
77453
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7707
x-amz-id-2
ZFoCzdOS1k3aiXVSmRlZ4bRG+Ff4Yc1gNgRg0Tzjv2jbDW7dIWgtN4cjvi8LxN0sROLrBgCQYFo=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:26:07 GMT
server
AmazonS3
x-timer
S1700045842.334166,VS0,VE0
etag
"1b7ae4a6d57bb981a4ca9f572061cced"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
45597
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=11%3A57%3A22.288&id=1462&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700045842289%7D&tim=11%3A57%3A22.289&id=4744&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700045842301%7D&tim=11%3A57%3A22.301&id=7307&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A57%3A22.325&id=3215&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
trc.taboola.com/palmate-bg3co/log/3/ 		0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/pubs-generic?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1700045842326%7D&tim=11%3A57%3A22.326&id=1255&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
80433
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6923-MXP
pragma
no-cache
server
nginx
x-timer
S1700045842.369522,VS0,VE82
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A57%3A22.326&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=9107&cv=20231114-18-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22tbl-explore-more-container%22%5D&vi=1700045841829
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63520
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A57%3A22.333&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6136&cv=20231114-18-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63520
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A57%3A22.334&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=7391&cv=20231114-18-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63520
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A57%3A22.338&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=9457&cv=20231114-18-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63520
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A57%3A22.339&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7149&cv=20231114-18-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63826
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A57%3A22.346&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9546&cv=20231114-18-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64101
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
2BXJKKX2RZV89N9D
age
95
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
WyL2v7Y6tMjGZIwQzTqLEakrV0fvos6RjsnPZZi2oiW+JmOnNuMfVUBcREdsw9/uoKeZa4qMe/Y=
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700045842.369518,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
63
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
68
usync.js
eus.rubiconproject.com/ Frame 4CFB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6330f30714835990abd39bca7dc7fd4c331adbdfc0a1c842903bf9f2d19810c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Nov 2023 16:28:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19879
Connection
keep-alive
Content-Length
13281
Expires
Wed, 15 Nov 2023 16:28:41 GMT
03189ac2845d38a8b7a3c816acbe4705.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e30afbbc2eeeccc6899ecce44c3c3ab6a5176010998ae5811da239ecb21fc467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
493
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
age
767849
edge-cache-tag
605294521975574540276488412410482252536,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
605294521975574540276488412410482252536,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, MISS
x-envoy-upstream-service-time
281
req-referer
https://www.bg3.co/
content-length
104996
x-request-id
447285e8065aa2300a38db25c92c0c59
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200031-IAD, cache-iad-kcgs7200150-IAD, cache-lax-kwhp1940066-LAX, cache-iad-kjyo7100122-IAD, cache-mxp6923-MXP
last-modified
Fri, 03 Nov 2023 19:08:26 GMT
server
nginx
surrogate-reporting
width=800,height=600,bytes=96983,owidth=1000,oheight=600,obytes=526725
x-timer
S1700045842.403576,VS0,VE493
etag
"66d8b3503fda7899de464dcf79e91263"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 0
03189ac2845d38a8b7a3c816acbe4705.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2dd05ac84ae3f8de2d2324c26caa0d9cbe1e1f16b661cac7e7827e3dd60f485

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
age
1791647
edge-cache-tag
605294521975574540276488412410482252536,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
605294521975574540276488412410482252536,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
259
expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://the-audience-news.com/
content-length
83130
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100068-IAD, cache-iad-kjyo7100068-IAD, cache-lax-kwhp1940105-LAX, cache-iad-kjyo7100102-IAD, cache-mxp6923-MXP
last-modified
Mon, 02 Oct 2023 14:23:42 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=104554,owidth=1000,oheight=600,obytes=526725
x-timer
S1700045842.403675,VS0,VE0
etag
"e9b11423092488b715bfcf058c5aebfd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 51, 3
12e8af6e5a8126ff4ce2e521968131c7.webp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12e8af6e5a8126ff4ce2e521968131c7.webp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2dd7fa2b1b9475d715111c9f792b11370c40cebab38a214187de841f55e15576

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12e8af6e5a8126ff4ce2e521968131c7.webp
age
1297703
edge-cache-tag
605557800550640298128896901915987142807,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
605557800550640298128896901915987142807,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
158
req-referer
https://www.express.de/
content-length
11694
x-request-id
cb10fb9376e9c11005eea215dbe59f62
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kiad7000068-IAD, cache-lax-kwhp1940103-LAX, cache-iad-kjyo7100038-IAD, cache-mxp6923-MXP
last-modified
Fri, 29 Sep 2023 06:55:07 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=16099,owidth=1200,oheight=674,obytes=148394
x-timer
S1700045842.432441,VS0,VE1
etag
"bf64d6c26a5a99288f86a3640f2926ac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 41, 1
8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
463c22dc8c2d4a1be87d3c8c018d947db83778f737fc751b09786e2bb15098f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
age
1728199
edge-cache-tag
438378630997508548517438721481607029344,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
438378630997508548517438721481607029344,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
720
req-referer
https://www.lekkerschmekker.de/
content-length
10890
x-request-id
dd32e45e56f7e4919c6bfef2ff3369d7
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kjyo7100093-IAD, cache-iad-kcgs7200072-IAD, cache-mxp6923-MXP
last-modified
Mon, 09 Oct 2023 10:01:52 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=16026,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700045842.489941,VS0,VE1
etag
"62fd0b04b6800b3d86bda697925731cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
ed2e15d4af16c6b4acd5b82bc00ce444.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed2e15d4af16c6b4acd5b82bc00ce444.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3afe8aed10450d890bd2e05f72771d6df58580ee5cc7503b42ba001d50123977

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed2e15d4af16c6b4acd5b82bc00ce444.jpg
age
1735644
edge-cache-tag
433729605079410828768310899349787172962,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
433729605079410828768310899349787172962,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
330
req-referer
https://android-news.suedkurier.de/
content-length
78436
x-request-id
ee29b642b1bb84207375e256743e3c10
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200128-IAD, cache-lax-kwhp1940072-LAX, cache-iad-kcgs7200171-IAD, cache-mxp6923-MXP
last-modified
Thu, 26 Oct 2023 06:26:24 GMT
server
nginx
surrogate-reporting
width=850,height=425,bytes=85666,owidth=850,oheight=478,obytes=161679
x-timer
S1700045842.489930,VS0,VE3
etag
"dc1a388e16adbf73fcd54be47730c91b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 30, 1, 3, 1
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
28a3320749440ee186044135d5f8df9d013ee44e3056ef87abc0edac2e80757d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
4841964
edge-cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
26
req-referer
https://games.espn.com/
content-length
8202
x-request-id
7566a54d52f59e01fec20137eda07cf6
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000089-IAD, cache-sna10744-LGB, cache-iad-kiad7000113-IAD, cache-mxp6923-MXP
last-modified
Mon, 11 Sep 2023 14:19:17 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=19552,owidth=1200,oheight=800,obytes=384488
x-timer
S1700045843.513950,VS0,VE1
etag
"2ab09194cbfd18a791103c6697590d5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 187, 1
c76cbf6b6eba0ee9a02f8064cb7181e8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c76cbf6b6eba0ee9a02f8064cb7181e8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c65c9b34189d767a2dcb8cb09ef65858b35d70b7d70bce347cfe00c66db9af5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c76cbf6b6eba0ee9a02f8064cb7181e8.jpg
age
3176547
edge-cache-tag
505905664156302768222755886033675790463,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
505905664156302768222755886033675790463,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
168
req-referer
https://www.talu.de/
content-length
38514
x-request-id
e308eb1b8c8a3d814282cdb5c681cbd9
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200106-IAD, cache-iad-kiad7000172-IAD, cache-pdk-kpdk1780026-PDK, cache-iad-kiad7000088-IAD, cache-mxp6923-MXP
last-modified
Mon, 09 Oct 2023 10:45:17 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=119486,owidth=1000,oheight=600,obytes=143191
x-timer
S1700045843.520350,VS0,VE1
etag
"19650e8a4887cc160dca5931fe769301"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 73, 1, 107, 1
03189ac2845d38a8b7a3c816acbe4705.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed225722ab695305e497cad42d49b678b91834cf0cd0b44de1699039c2109f0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
age
6546055
edge-cache-tag
605294521975574540276488412410482252536,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
605294521975574540276488412410482252536,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
342
expiration
expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.mundodeportivo.com/
content-length
91868
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000056-IAD, cache-iad-kjyo7100102-IAD, cache-iad-kiad7000158-IAD, cache-mxp6923-MXP
last-modified
Wed, 23 Aug 2023 13:09:04 GMT
server
nginx
x-timer
S1700045843.534689,VS0,VE7
etag
"791bd4d87782bd65ae2ea62c4b3c362a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 49, 1
ed2e15d4af16c6b4acd5b82bc00ce444.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed2e15d4af16c6b4acd5b82bc00ce444.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca37daecd4621164f645a0b844d6096d07da1c18e0b5d7b7f4f8b4f1594053ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed2e15d4af16c6b4acd5b82bc00ce444.jpg
age
1744259
edge-cache-tag
433729605079410828768310899349787172962,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
433729605079410828768310899349787172962,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
314
req-referer
https://www.tag24.de/
content-length
82922
x-request-id
f1326a0db3116b12cc5b81e0797cb027
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kiad7000125-IAD, cache-iad-kiad7000068-IAD, cache-mxp6923-MXP
last-modified
Thu, 26 Oct 2023 06:26:24 GMT
server
nginx
surrogate-reporting
width=850,height=472,bytes=80650,owidth=850,oheight=478,obytes=161679
x-timer
S1700045843.545699,VS0,VE1
etag
"f282a42f10e117112a6acd714f30bb51"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5, 1
12e8af6e5a8126ff4ce2e521968131c7.webp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12e8af6e5a8126ff4ce2e521968131c7.webp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
641af0798b3ed632b2c013b8d64a5594edb962f8dff932ed54bdddbe107a4174

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12e8af6e5a8126ff4ce2e521968131c7.webp
age
4075336
edge-cache-tag
605557800550640298128896901915987142807,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
605557800550640298128896901915987142807,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
527
req-referer
https://www.wp.de/
content-length
36310
x-request-id
e7ac2bc3a6536a3eb71f439b869a8e1a
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200114-IAD, cache-iad-kcgs7200114-IAD, cache-lga21963-LGA, cache-iad-kiad7000140-IAD, cache-mxp6923-MXP
last-modified
Fri, 29 Sep 2023 06:55:07 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=73415,owidth=1200,oheight=674,obytes=148394
x-timer
S1700045843.577123,VS0,VE2
etag
"4f6f53f1592a1e7af4791de6193b4e2d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 65, 1, 19, 1
8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
age
1673348
edge-cache-tag
438378630997508548517438721481607029344,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
438378630997508548517438721481607029344,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
100
expiration
expiry-date="Sat, 04 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.waz.de/
content-length
33638
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000118-IAD, cache-iad-kiad7000051-IAD, cache-iad-kjyo7100023-IAD, cache-mxp6923-MXP
last-modified
Wed, 04 Oct 2023 14:50:50 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=48351,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700045843.577375,VS0,VE1
etag
"3bb4cf0d908a96cab5dd4873ba3cea84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 1
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 5410 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65e9f410f3d9e28cea22dbd695c97520ec6267b8c70a3431e35f5830b9ea2b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138497
x-xss-protection
0
server
cafe
etag
13396311804071876401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.7/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 3bbd9c639a192694d597e09ea3006bce.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP53-P3
age
93528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35262
x-served-by
cache-mxp6976-MXP
last-modified
Tue, 14 Nov 2023 08:52:22 GMT
server
AmazonS3
x-timer
S1700045843.651007,VS0,VE0
etag
"acbf4feb7c49eb33282548b433b4476b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
0VkBdLMKhOQ8eiPenscq4xWZt1XFkMe3sQ-CLtUsEF_8s52v9vxiNw==
x-cache-hits
7937
next-up-widget.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04f0df4ed3122b2f5319372f31e8af0393df3b510c8a615a57acb2e23c74ed49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z5xiuiYZI8FzY0UY2XR06DYUMr2IH.YI
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
BE6XTH9CAYWRS4Z7
age
77445
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4624
x-amz-id-2
Sekbp+6cAKHZ2VEBpMrjJg29QMNSoz301xefYnehlz8Q2D3RAwXhahH+PBGOWkVttGhX7ToSQkY=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:25:49 GMT
server
AmazonS3
x-timer
S1700045842.489550,VS0,VE0
etag
"da8e6a1fc0ce73eb78ae26b25b292820"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
35
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5006
/
pro.ip-api.com/json/ 		120 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
56c967334f0bf9f703969fb095aea727d403b1100e995a872474445ba8c2d341

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Nov 2023 10:57:22 GMT
Content-Length
120
Content-Type
application/json; charset=utf-8
khaos.json
token.rubiconproject.com/ Frame 4CFB 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.59375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A57%3A22.543&id=6809&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1660%7D%22%2C%22eventTime%22%3A1700045842546%7D&tim=11%3A57%3A22.546&id=5514&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=11%3A57%3A22.556&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4274&cv=20231114-18-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64143
css2
fonts.googleapis.com/ 		20 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 10:33:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Nov 2023 10:57:22 GMT
spa-detector.20231114-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231114-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a6c30b0f026ecaec073ad12bc0a32f3dbffbed64640b2778220d3b93b0f09b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OMitnfdF9Z8YVB5t9mVdr_Azp1grR9iS
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:22 GMT
x-amz-request-id
NRAHM6SDE8X8HMVQ
age
77503
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
780
x-amz-id-2
5wA/m03mag/tDSx4dpEZBrYsKXeD/CmyEKbvEj6gIzmaWRJ95yV54fJS88HbT/XmeXVcKTVTSQA=
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 13:25:37 GMT
server
AmazonS3
x-timer
S1700045843.584194,VS0,VE0
etag
"dd2c535f46b9d1fb9b8ef995c15f19f8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
46115
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A57%3A22.558&id=8609&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700045842567%7D&tim=11%3A57%3A22.567&id=1995&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A57%3A22.570&id=8939&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11657&tvi50=9058&lti=deflated&ri=95e6b21f7020899e5c072fbe2a0bf25e&sd=v2_2d75a60d4ce2a796cd8767974204def0_8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991_1700045841_1700045841_CNawjgYQ2YJdGKXLg5W9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&pi=/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&wi=9206064422920973271&pt=text&vi=1700045841829&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700045842571%7D&tim=11%3A57%3A22.571&id=9456&llvl=2&cv=20231114-18-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
container.html
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97B9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:21 GMT
expires
Thu, 14 Nov 2024 10:57:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2823 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:21 GMT
expires
Thu, 14 Nov 2024 10:57:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 93FE 		492 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1645423197550382&correlator=3545178449984451&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700045842613&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=h4bm93zcgbiy&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qNldc_s7ePOYx03q5mXluZcsxw4srfh8IVJijK0qznBbWx54ZOHTmV2Ohhi5t0YoXsGkIQyyYCt9tSDNFGwe5NLrkunOBXHWZ6FFpDiLN3nTwtfP0DCcVN24Y7QXIU5UhapUacMfjeSfj5o4BEg9C-QmT7rkRkaC5sOqykqy7yknKbl-4RaV3rMzrxfHBtDUJvcaUQRAz_Ug__vKi93&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=403900998.1700045843&ga_sid=1700045843&ga_hid=644301511&ga_fc=false&dlt=1700045842126&idt=363&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13e66a6cfecb13fb4d7527deb2133fdc041e77817ee429bab3514f843b1f4778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 93FE 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb47736d3fd1267f76539579982d0f731bd543d008163b8a0b4731026a1a5107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12380
x-xss-protection
0
container.html
187a39e975b517f47d5b01a9f3d97e5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F6F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://187a39e975b517f47d5b01a9f3d97e5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:22 GMT
expires
Thu, 14 Nov 2024 10:57:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
idsync
sync.aralego.com/ Frame 4CFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOZNEET6-1Q-1N34
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOZNEET6-1Q-1N34
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOZNEET6-1Q-1N34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOZNEET6-1Q-1N34
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:3b73:e7ee:7fde:90af Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvcmVuLXNoaS1kZS1udS1yZW4tZHUtamlhby1sYWktc2hlbmctbGkteGluZy16aGFvLWRhaS1yaS1zaGFuZy1odWFuLXppLXhpLWRpbmctemh1LWJhaS1iZWktZmVuZy1odWFuLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcmVuLXNoaS1kZS1udS1yZW4tZHUtamlhby1sYWktc2hlbmctbGkteGluZy16aGFvLWRhaS1yaS1zaGFuZy1odWFuLXppLXhpLWRpbmctemh1LWJhaS1iZWktZmVuZy1odWFuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 14 Nov 2024 10:57:23 GMT
date
Wed, 15 Nov 2023 10:56:24 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
pixel
googleads.g.doubleclick.net/xbbe/ Frame 87B3 		478 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWdRIN8_YCcTPUguVnsOF5Ms-CY7uFme2IMbgdOE1NbBqg7SMh-gT6oahF5hs75o-Uh3G10A5Xjo3oRT7mfnJ29zqtgXA
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 97B9 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97B9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C69bztq76glRrEnq_Dj34jplCL6mVT2-hWlXlLKg52-EgmG6bTPoyi-24fBar7HmLBXK0_odJiD3ligxDYEzX5sg-t_9P0liwbzYHYcnOePfOuM2w
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97B9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2845737962323680341&x=1&ct=77
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 97B9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 09:56:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 97B9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
68757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:51:25 GMT
l
www.google.com/ads/measurement/ Frame 97B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbJcwEj1TFw-6p59cB5D1FPGwciEo5KbyWRtxXswws4OsRexusBOdseB34YKGfD3eMvKqSTeHtV7JK9SgW2LnmkVlmQQ
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 97B9 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 454C 		478 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNXeJmIXnna2K8hBmcRCNwu4Ojf-iq4VtSIdoi9Rj91XucKg3i75Kt9UznpjRn87wa5vi5tL32B7wx64nSTRy6luZ-GzzQ
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2823 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2823 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6icRjQuU6UNkkyU6WmmW98DOvewScMoEvlwZxMlJ5QaUfRcSIBhSuUIy8R8tPOIhAhJg0oSjSLcYUVimkWAOs5kIYVjEQrIfBXyLffqL4rtgSdO4
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2823 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13922891142377982791&x=1&ct=77
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2823 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 09:56:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2823 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
68757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:51:25 GMT
l
www.google.com/ads/measurement/ Frame 2823 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS38KkSoOzDse1kwv629uP4O1gpGoXY6M_fOErDoulioHOttcEOygRhzbRM3HgwjXVYGaLEiZD5BU6bHDhthfdCIPgjhg
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2823 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:22 GMT
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c27ef10d2100324d6f764dcc9a46ea6e
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:50:59
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
39aae570a07624e3bf638f701a7f7695
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-167
cdn-cachedat
10/31/2023 19:01:06
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
d0c8fb519adf7a0008efcc14486f4ded
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-677
cdn-cachedat
11/10/2023 21:11:01
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
8698826ce84d7c667f6721857401b931
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.co_1695642730139.css
cdn.unibotscdn.com/clientdata/css/ 		440 B
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.co_1695642730139.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-382
cdn-cachedat
11/05/2023 20:42:32
cdn-pullzone
873945
last-modified
Sun, 05 Nov 2023 20:34:22 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
374
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6547fc4e-1b8"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
2def5ee45c335c36bed3d9e5c2309245
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-677
cdn-cachedat
11/05/2023 14:34:02
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
b02f46126965a6a7b8ac213eae1c30c4
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9be7158c22e6b491bf8e343b9de0b503588d232c5d6bce3deca1bb5b3c02020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127387
x-xss-protection
0
expires
Wed, 15 Nov 2023 10:57:22 GMT
03189ac2845d38a8b7a3c816acbe4705.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4fac5b861b7c65e89229b00ba7cb16a2f672b3eecc04e4792fde391f3f836574

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03189ac2845d38a8b7a3c816acbe4705.jpg
age
1175731
edge-cache-tag
605294521975574540276488412410482252536,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
605294521975574540276488412410482252536,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
574
req-referer
https://www.backzeit.eu/
content-length
10560
x-request-id
8b2bd2b672c79a73af37853c28922107
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000095-IAD, cache-iad-kiad7000037-IAD, cache-iad-kiad7000130-IAD, cache-mxp6923-MXP
last-modified
Tue, 03 Oct 2023 11:53:25 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=15623,owidth=1000,oheight=600,obytes=526725
x-timer
S1700045843.746189,VS0,VE1
etag
"684f6a54a90ea69799a19ecbc0b45fe4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 74, 1
ed2e15d4af16c6b4acd5b82bc00ce444.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed2e15d4af16c6b4acd5b82bc00ce444.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5130017a6fb1d1324ebeb242796828ab8fa60b68c6e7a8462fc9ec436018812e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed2e15d4af16c6b4acd5b82bc00ce444.jpg
age
994450
edge-cache-tag
433729605079410828768310899349787172962,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
433729605079410828768310899349787172962,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
36
req-referer
https://gailtal-journal.at/
content-length
10254
x-request-id
36511d3a5c35617f087804fa5dd0db0c
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000169-IAD, cache-iad-kcgs7200023-IAD, cache-lga21929-LGA, cache-iad-kjyo7100141-IAD, cache-mxp6923-MXP
last-modified
Thu, 26 Oct 2023 06:26:24 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=17536,owidth=850,oheight=478,obytes=161679
x-timer
S1700045843.746193,VS0,VE1
etag
"e8a604e268661a11b37c1608b33983ff"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 4, 1
12e8af6e5a8126ff4ce2e521968131c7.webp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12e8af6e5a8126ff4ce2e521968131c7.webp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d62ef0b660e3f8e1798fbf79cfeca6b95db931127827239e7ad1582fe7333e89

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 15 Nov 2023 10:57:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12e8af6e5a8126ff4ce2e521968131c7.webp
age
1722556
edge-cache-tag
605557800550640298128896901915987142807,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
605557800550640298128896901915987142807,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
85
expiration
expiry-date="Mon, 30 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://coinvideos.de/
content-length
4520
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000159-IAD, cache-iad-kjyo7100148-IAD, cache-lga21971-LGA, cache-iad-kjyo7100149-IAD, cache-mxp6923-MXP
last-modified
Fri, 29 Sep 2023 14:08:49 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=5763,owidth=1200,oheight=674,obytes=148394
x-timer
S1700045843.746151,VS0,VE1
etag
"5f19de09539337d369264be393c0c978"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 5, 1
ads
googleads.g.doubleclick.net/pagead/ Frame 0542 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75c1fa5846518acce24dd7a2337fa14649b54b60561c3c5680c75842f1defac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16517
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 4CFB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4CFB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9aTkVFVDYtMVEtMU4zNA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI2yLd2IgCA3TLesSeHDc7Y&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9aTkVFVDYtMVEtMU4zNA==&google_push=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9aTkVFVDYtMVEtMU4zNA==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9aTkVFVDYtMVEtMU4zNA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
setuid
px.ads.linkedin.com/ Frame 4CFB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOZNEET6-1Q-1N34
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOZNEET6-1Q-1N34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9A38ADA5250B42DA854ABB8F70C4D488 Ref B: VIEEDGE2116 Ref C: 2023-11-15T10:57:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKLsSS/j1UNLTTKIXzWw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOZNEET6-1Q-1N34
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4CFB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DBR6jNXFRV-ljA-RJOcqLQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DBR6jNXFRV-ljA-RJOcqLQ
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DBR6jNXFRV-ljA-RJOcqLQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
111SNHQ3V9CYCZE8V440
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DBR6jNXFRV-ljA-RJOcqLQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4CFB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTM2NmY1NzU5NWRhMjRlZjg5NTc1MjViMzZhNGU2MzdiMWQzMDA3NQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTM2NmY1NzU5NWRhMjRlZjg5NTc1MjViMzZhNGU2MzdiMWQzMDA3NQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTM2NmY1NzU5NWRhMjRlZjg5NTc1MjViMzZhNGU2MzdiMWQzMDA3NQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4CFB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGG2VkwQzlIYY4qvi6WiBeM&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGG2VkwQzlIYY4qvi6WiBeM&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGG2VkwQzlIYY4qvi6WiBeM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4CFB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5zFKTs8YrRKp9jwAmOwPpcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MsGZJWRE2oKsEm7AzcHXpiUfVvHRFgvu6MhurQ--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MsGZJWRE2oKsEm7AzcHXpiUfVvHRFgvu6MhurQ--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MsGZJWRE2oKsEm7AzcHXpiUfVvHRFgvu6MhurQ--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4CFB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q00mZKrvT-usnDcgkJR8QQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q00mZKrvT-usnDcgkJR8QQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q00mZKrvT-usnDcgkJR8QQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5X7PTQVHXNMHTXW15NFF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Q00mZKrvT-usnDcgkJR8QQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame 4CFB 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.96.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-96-209.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4CFB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=234bade2-ecb2-40f0-b4cd-4730af60b55e&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=234bade2-ecb2-40f0-b4cd-4730af60b55e&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=234bade2-ecb2-40f0-b4cd-4730af60b55e&expires=30
Date
Wed, 15 Nov 2023 10:57:23 GMT
Connection
keep-alive
X-CI-RTID
b4ec9f51-0db5-437b-8c22-d72b2f267518
Content-Length
144
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 4CFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOZNEET6-1Q-1N34
43 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOZNEET6-1Q-1N34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
an-x-request-uuid
672da33c-19cb-4883-9f7b-8f64d9eee6c6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOZNEET6-1Q-1N34
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 4CFB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOZNEET6-1Q-1N34
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOZNEET6-1Q-1N34
95 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOZNEET6-1Q-1N34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOZNEET6-1Q-1N34
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
capi.connatix.com/us/ Frame 4CFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LOZNEET6-1Q-1N34&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LOZNEET6-1Q-1N34&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LOZNEET6-1Q-1N34&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8266f9188be801db-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
82
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 15 Nov 2023 10:57:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LOZNEET6-1Q-1N34&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8266f9178a3d01db-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame 4CFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LOZNEET6-1Q-1N34
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOZNEET6-1Q-1N34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOZNEET6-1Q-1N34
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 4CFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOZNEET6-1Q-1N34
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOZNEET6-1Q-1N34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOZNEET6-1Q-1N34
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
v1
match.sharethrough.com/sync/ Frame 4CFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOZNEET6-1Q-1N34
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOZNEET6-1Q-1N34
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
3.126.228.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-228-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOZNEET6-1Q-1N34
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 93FE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 10:57:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97B9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1285499660545&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97B9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1285499660545&version=m202309260101&ct=77&x=1&cor=2845737962323680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 97B9 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmJTL2OzWUFSMs5XVzLtACmd8pEZwH--XB_3mbvOAaN2OA41mP2eWysmRbaXJvdC6scCYF711hl2JLdeziZ5YzXqrn0SbvaCG1c7p8E2im2kHWadsejdQgBvvcQ2YWZ2jwUEpCIxbH_yFyMfcZ4tasuXlioxShGoSuNQVM8Tm7iSZoUvs&cry=1&dbm_d=AKAmf-DN6oK069IZXZa1yslMGwk7JDLvWv91pDWdSyrfgkk1QS_GR2eABEbdzhizDtRmHB2WO8Y7RkN-EctFF69zr4skJJMukVBtq1OmkD_QLhUj6_evn37klsjgKL8-XdDcwy2Ioi5qxUVBeYnpE2NHkxVCy6ejripZdq6F1VsNhHDL-zfqjcJr7BMD6_wNdGkyqrvESjI9v3m4YM9ezuZoeQgGFyN3jynhrH-x_VAjn6jEEyQ6xSvGymuqTk-wzO68xQfpe0hDfW8hHfC3G-So1P_MSXAGli4iiCaHCVASgrNh8aGV2qjT8n9R3RW96KShs3fqGkF1O4iwlwteKVM4KOSugjICsuJY_EehtXLmOMi820Cjar7I70_zyRK7OiCqbw1eq9x6G6DTNhcfIAKMDOFBpXLkev5hXM3bn7J8WYnHFLFjgNFQxk4HDB_y8SXJaDCsjl8w02cDO-1_GRwa4sdxfyzbHbZKi-fkPLNlv9PtXREVbUL42P44nlV22fh5kD7hGEMoAzodQnZRwngzICddkREEXDC9t7LOH0cj2iPA79iI1SMwoxIX45XNLIMlq3M62enzwR0YV0qqeKtZsSQwv_n7YZwp5MdBUAchvo8KHj_Whqeo7mNBZl8vPTGSiksTkvLy4_Y9CR7y8Q8b-xsVydrAsg7PnJWI5KqMPkx43CyWcLRn5QD0r9T3wurOhrClYFKdiUyLj22A_pKxw4nLvo5TPVIIsA9PQrCXhumcsn03Ohki7aKM3N-YfyfuLYMPKxEDUDhUi79LOgHilQ5v_f_hLl8sxnodr0zEynaT2jObN-ww4IhW7Ojwqjz2pZChIDpNgZUwjbrNE14QSdHmwJyk9vgymbjHnVnvvrRO--5dSWRwHmQy7mnsnYGSBTBqdzc0LqtGd_b--zGn0_MFws5o1EC8FtguK8Ksv0ydhtPBugcRqNMWz2qiq5NAMo0rsU50jUQLcCO278zoIAnvYEo4nhVsJ_t6wcD5b5BRRXk6NPFNWr2LTo6o-fqzyga6IUUV-SE957_bx9R1-TB0HH0e2twA_Cl-QWmJWYyBNQ1-dC2Kr8EjJ9TqzNQh7yezhi-Enz09q5JL3MctUMaQip2znehVmhxmxJkpfRNub5X6PcsKoWVUbokNICeDl-8x1YYM2p0SAvbmq3X_P8YSuKuBpowXm-qhyQ5xPlZxu71QLB0esE7sYsU3s1kICpbVpyl7m3FoLx6-3x6XU8dOhHYK1vR3IUMKDTARlZrzkPLdajInd_xEMorsgHOEb9qX-MA0y7sn5y0k_6eZdGGAbjKfRUxJ6PI2-YNww85QXfWj6HLEyuwUYCE91uyKoCvwuokP6k2CuZuMCOBXJz29gWWBX83b_QttymEmAuU0ESgyohQN-SHgFFJZRHCK5QJDGevX3UQLa6bTsE0XJeW_A_78VxaNA-GnNcbtfC23s28cuf93scQG8JYWsVwqeAehDdqDx81_OuD44Lz1b5fYb8JWcxsPVBERkE_XpuwYvoenGJl30Nrfk__JalDqJkXN6bDSOK920bv7OxMCW8bRi35ubNYKuIflZvh4PQyviSBWi7PIb8hTlo9RLG1ygH5T1Q95aFljHxC_8a4rEQIHRCkQqLQt6h9g2gUzInw71XREUTd9sIQopbQkkCxWWOropAhZjV9LzIhxkudLFXnlDMBZnYLMx_dUKYiy_yrI5KyUDor-p5rAQ7FXd8jV4U3CHsNFeAOeAQe51NbxfFOhreQ_mXiBUdGEXJ3FOzhUlXNxMLb7JzNiNmQOQjc4yJOcmWliVzCcnUABV4YXuMaVFDLfEj1Dwo4D2TFulh0jK28G8YQTHHl91QSaCQJqeQsdayglgrhLLNsfEi8EIHH5ItWLna8357HiFpWmpyFHOib5XNum6EPBoOs7NF2uF6UHIyEY9WG8BQjGOPvZg_q018DzzITz0Wen6O9VFLgWJkNZIMXJbc99Fv6apVvHGAk1Y0-QOh8wlw8kg7-n_h2d6POL5m3CKSRHn0VhBA5zOkaTp554E4qVGit9MRpYU0wbcz9JEUbcRI-rQnyyrvf-vnzDVPAJKPdL219RIVZn3GHFSAwlv40hAn26nkL2N5HotGSNQN_ifj_udhKqUSv3Yl5gTSwJpAqo8opXZYidVRLGfNqb9ti0d6TrIaGd7Bk2H6uVgL161LlmZ2HN9aRvLPO8vGTwxbJF-cLksDb1yJhqOt7t7lLsqa26dsMKRiI1NTJ8_AURZTER5vZcbL4t6isq2h-VF9zjmF2b4ywAQuVuaTMbdOzSAn0HtsCq45W0ChG7YB-MrlTcoegXJ-GZshnO3RXqnqncLiFv03oaF4ahPUmxYUHz548a6MAWx9ugMN6GW1MvYwg9uirZEIyuPmDt3riA7gwIdYDFmu84iLAVC8sk-pmZhuTslSc-FLyg-PFbinHs5yn0Wp2WU2fdXQghHKhtJ9dsW8dAGZe6Paw4yX8fDiiR_LOiUV0yxGxvQqs6OVKM1xIDKrXstDwLJHea1OI18J_gQENFcqwTg074hz9goffTeenCK7owZfKGDH0TCA6GuEEsoDyw4RfQj5BkXAuNxTp6i3bhORmxW4DqB0PB-m9vTyBfV6BqYJmNnuEPExf2CRPk3tP1A6W1bTK4gTDJTKXire7y16XJGCZlxHSc1H1kyu8bF4tIos3i2yo9bsfYz1KCYYzUxM29i0LlTs70z21i3AqxMWaB9pKjoUf9bE1IRp4Ds6RgdEbcKW4tunpBz2LCvDr4a7P9WZHj5g1qG8qchb3hyEdNSWbUb7XF5cILJsBSeCg6QWm-cFn7qdIFxE_BqxJjsmW_veJBWKrRPDdv3YkzydQGQezzKNGLdzAcuo2Ei3YmaH8LEFrfO4AuCXJ0kLl_dwLQs5hD3GLzPw9P5btadlKTMXmIzi_8RB3rMM736Q2u67FJc3B62csHLdpXcMLmJ1wEbfqsPH80j_yqpbV0gP8Uw3GnmWvM3knZup2m_FiM5IABqPOSpR6drk8DBVnQHYwiJXUw1reoD6vig6YAmcfyqkJK20zsLrY-11ekMF8uEX4EEF-QhGz98WvflqQMCfHua6jImVIagS-ZvoGyua09qC7W1xHLVzdlmNAxAaJU125yAhjuS6HuTVtkOFHls4yJGuqhfA5C7ZZ60zGsUrlkukDo3gBC95cY54q63bn7gtiK6lqIliyIccN6Uyum9UPf9X2hUMqC6Pfz0MhTQKROYvEZIxHZWPPeNpAE8ZEjxTVshU4mpsLyeQa0PipmDvOSrqULb5tyDdackaCnlm2I9XTXXxB-2vDeztUrvnAVgji8Fb3DgOLmXAThzUfEnGcfOX3vDl5haspYVmPcmWTPHD8JRsDRsUVAekBh6tgDelzMqIj3HhEMI2ZgV5D9JGxklG2uALeTWXR_wqmWmmpf8HH7suQkL4C_nRaSIjb0C1Exq3HkD-56tjB5H0ZHvWqC9fPAxi8RbOf9t0iCURerY2fFPZz8YmOXtAet_-kJKFDOLwljET3r3FykkphpjnSXAgavoIJTprbnKAfsUiKgVoex4vjL-atOEeAiAzya40D8NhsA7jMnjguouRUv1DgcMryyPCErVNsT9QgKGJgB_9nfwPDWuPNS6jNc2xv9LSoFHu_yf2ubQzkFBQZwQn88TFBRaciqG-ZBXDIUsa1Xuf6h3EWuVwuCTGCQ0DZPwxwJQ5Tt1UA7YeRJeFzWLJYtvnh7Wve7F1O7akhGI6qSa2tWo5Pd6WO68WP0sY1Rvc-Jl87qVxRCmdz2pyfwmBbE7VzegwH-ZVjfDxoImxg41o_wP8HADtOW3woIF637yGslcpxuYbjtbMnUs-mACjtKGgQbIWiTIzSSfAFfV-bgvFZEeSoHQenM_ICzRCR1JURvrD7ECf95nJIOPPzUzP37YYSj5AnXrT3nTEIJ3NPRM5aXWXRYsjHoNbjI3rKpluQFLUakoFhdVwt-LFqmkpFeOMB4cWsy8nE3v6xiPR7NFA7eAFa1i823F5hTnm6j1nF9dNLBYHdnE-skpmYrC6M0CLsn4MaTLuWphm9D3X0Vb6Y7hEZqqMY4i54xvecclGfUV8n47Y3NXbZHjmsQegq0AGw-l7yNk-MCxdA9zZcjtROOJ-zwZOoX0aWsYAgRFWOwbJQZ&cid=CAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=2845737962323680000&adk=3047537735&idt=96&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
540bfa1c39577e05326e012b7ff5a4487a9812fadb28bcba6348af7219368864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14047
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 87B3 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWdRIN8_YCcTPUguVnsOF5Ms-CY7uFme2IMbgdOE1NbBqg7SMh-gT6oahF5hs75o-Uh3G10A5Xjo3oRT7mfnJ29zqtgXA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 87B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWdRIN8_YCcTPUguVnsOF5Ms-CY7uFme2IMbgdOE1NbBqg7SMh-gT6oahF5hs75o-Uh3G10A5Xjo3oRT7mfnJ29zqtgXA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi9p0RXM5%2FzwgicjIlBm2wWHoKBcMhM9J1%2BRRuXHb4smnR2zsO76FiwfIdsGY%2BzjEJ5JY7VlSEl3Z%2FimIDKdms%2FJfbASFUCLzQ%2F8Ky30Lp7b8cI8BuS5ZcC59wqL8bjC50QLDLeOiPosvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f916887101e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwkAWibFgqZB2%2B%2B2WghAhbI0qxaOHUUa%2FMrSok7SrRpFjrnpIXjU6peMiHEdk57Uuj2fZXIWFpuiHN3YNeagh6nlFtm5Zj5xRZT7VcvkzS57jdl8wuNySsKM4S4pA5DXPBpiBfVNA1Y5Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
cache-control
no-cache
cf-ray
8266f9163aaa23af-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 87B3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVSkEpli6XnXUscCwiPr6QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWdRIN8_YCcTPUguVnsOF5Ms-CY7uFme2IMbgdOE1NbBqg7SMh-gT6oahF5hs75o-Uh3G10A5Xjo3oRT7mfnJ29zqtgXA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gv2Atn68vHfzV8H3ttxXJ363lKqpugGNc0H6DpCMZ4OGnBxEyBNvT1PJkwDodSY9GRqgPJHjnZbROjdHpbis%2FjvJJjTS5%2FPh7NRRIxCY94Ae8nc6HPxu3mCRf1MsK%2BY3ee5DM2xuoSLoow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f917095201e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 454C 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNXeJmIXnna2K8hBmcRCNwu4Ojf-iq4VtSIdoi9Rj91XucKg3i75Kt9UznpjRn87wa5vi5tL32B7wx64nSTRy6luZ-GzzQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 454C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNXeJmIXnna2K8hBmcRCNwu4Ojf-iq4VtSIdoi9Rj91XucKg3i75Kt9UznpjRn87wa5vi5tL32B7wx64nSTRy6luZ-GzzQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttfwpOVXOY3LUehE%2BV9X%2BHq3tQYvMpXZ3KUmDDHPWL2uVEiXkTE4ypNtWCNAnzKO4gF%2Bc11R%2B%2FaTiGkmaV7lgKRW5RzB7F32BCAfG9Hkba84odj8z94a0Tqmzzw3z4dWckFm95LeRXWJBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f916887201e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxIJH4wQoZ8tUDulkwnoReDtxYUPETzObUFAEMaMgQG4XQyi7QeUa1dBzhV2egvlmr7jPFMhHUqd%2B5oMLt%2FHlxwbm8Yj5VtpX9N3O%2FmDLyHw0QrTi7VkFfIEttdHqg2C4br4AS9Q1G%2F7Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1&C=1
cache-control
no-cache
cf-ray
8266f9163aa823af-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 454C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVSkEpli6XnXUscCwiPr6QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNXeJmIXnna2K8hBmcRCNwu4Ojf-iq4VtSIdoi9Rj91XucKg3i75Kt9UznpjRn87wa5vi5tL32B7wx64nSTRy6luZ-GzzQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ofd2o6txoFfS6ALien5Hp9GLea1r%2Br4ldsVNUh2hPTQx86XH5BKd1o9BMDMBvuR6IFgKXppH7LALfM6wZdFXNwk5L%2Fu46MN1YRQu0w3uqBsBYd8T1ZLBnU4B6951bayuBkxCb7S%2FIKI5nw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f917095501e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG0HPF1Kt0v06OveW8sVNkc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2823 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1492369889219&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2823 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1492369889219&version=m202309260101&ct=77&x=1&cor=13922891142377982000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2823 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdyrzyAIS_YDzohDybq0WxQyhU-gGEcU6dgbuN04sjOx3YzvUaWhyttL9a13-LxtgHZR4oLWprmzTSxy7gjwi-Af9YqY4QsGedAsxfKh2kzNFf_8XNyq0X_EE3L0YzhtXR0s6sqOnsyqEJg0n0w3oU_xF6iKHz435i02jn403eYKPxpkU&cry=1&dbm_d=AKAmf-AXKGELEsnPdDF6VWhtNLHz85jiebyUsAY-N_MFzB6Y4QQcWWLVpk_i_2JcDoaKyCpQbZp_hnwxNzz-k-BDaWbPDeBgfOqc5IWLO2QPS46eKhSANM4ncbKiyeqpOLOte9b_Gk6ppqQsV6y1DhbMO18IgQSp2HQLUkLILSVshn88jyn_S3xWSHDBk3S0NGa7y21BMDixNynFOaEEUXFX9XabMWqIb3ndv9dOJiM4k5wRqMlQLM2SsLGFiPgS3-JOfXgL6wCI3F75PPbi60XTsgRh6g5qS-ayBQuf0z13PNPNMScaVXz8pe19LC9nEvh_BEgGG2mt6ahhXIF8yshBSNE4zZXDlBqHnWRP0_Qrjn8GLReY7aO8Oiihsw_XdWvZV0HP5zWZgQB-P-4zVzWzUcfUE3Uh-5-merLubdqpKHp7In3gcCp9fAiOLgvS_iHmeTvtyE8EQjgQ3wPdxqfTGpKAlQyM-DB-u1PBLoLERzZANSRJ7Ips5ZfShn90VAKH3zA2Aigzi3_F35FwAeRjjKaZ9aeDPyoeskyo4NAtvCNgrTa2GKM68Z6qvd0Irz748LPpNjoq-fI-lmPlQ76-zSnl-eGKcz5pnBscUwkAeaq8codpBoHmbM3DQ0cYkzaVQGIshxavuGgcnBv7e1SsRO0ONyujJtQOo-i9gof7H-kSVOdOpTtfoMtUskeqXUMkdVeBrc7ezbPwWokaLcuZKLSsm4e8opeT6TDg7j19uTJDOEZM0d22jxokYLR3_GkoSw20gtIkV4B_IJPa4csLuYxNTCAjJr85EZlslO-HVcOQ2I8hUZcgoA30vM-16wXqtD0PPbEQTN0MpIcAutKeKuBdVuLSwkxvqPgfqA4VFp1JfUbBVeCD9RgdhhFyHB_Gql81kb61Lwt04IOH-ITsy0fVKkYeJQV_g0aK1CnsuMtQePREZEoQqwCtKSXUo13e5-UyNAJ3CzuVUIgzjFFyXdoVyp1KaZ7hyMaDF6ypC0lER3OBP2gOKcHq223ymuJrbYn_br9zZfqPUiCBLhiNHwpvD4FI5u3adIGe6LbVYSd7-RBpNK-acGYluIj_w1ef4PujFHHIqZ2SlrJluhrkUAjkXbOV-TLoQ3g8sEw_fNUOoEZAMTtVuvAI0uiSc5AtFtgDPb24QORaKRAY_gvDfDih9EsCAfCHx_MnYg-i3zSArkjNdBDeWbwQev-iHAYhP-th9MRzkB06TaxlfQ1dfdOH-lLgwaoBdwjRRVRIBwPS1nuXj8JLbc1oY5kIUaHWGMDdaEnDdSkMmMICAIVgT0xtrX495t5QDSFgxkkjSURRFGEO8d48AQVH-ChALo1g8srKA-fIuYQ6ltSmZrBGgE5aGs0OIsJ5FJ3c7B4sKQ0GWy_KyRhCnt_6QGLBU0gAB7aFllOmKdm3WRLKGAkkzbH3Q9lW-jKDdbHy8zjjYw-hSFfKL3s6HKklR62PiBa5Oy0AvxvoEBUDufL_T7uRzjjeEoWXOsDC38V6-7viQQP8cbr-m1VBUI8nnBI5uO7ZFH03jWLSmMrMC7khKU7qKbGyc2TJkpL8_0jagtp958dBewQ3X3Lh8AoW4zMi8ibwqpg6pVakFLnzGPfnFfJtY57l9klt3R7Ingzj5utbRCT-aaW-TI1scR-GrjSrrvb66e4NC1wj2ZJn5ZKbRIFByKETfAqp_gWlPdNYCKsyrxfTzo8N61wJ-ASda6mPHj3nX9_LaqQTzkCcuc2YR4jNJAuH4gknjwu3PC2McWVHx0UbgK5x_bNMMhZNnjKBn-67Bh2R5NaoOsBovLZHXapeVeNucqXAiCE_WrjEQJH1Ietu1Jg6iewx6oX5dDbd4t-K6rnQ2jmqaqYg0kxfdIQxrFE-Z5J4PkokYPtLpmOzUytvJYln1fD8E5fXVdwl9XGgcHm8dCUE6WLnuZIaQOeBwSCH1pXSTHLVz2um1RXreRlEFbErenIknxr-OFiYx_AU4y7Dz53vHgPJguwZxyG6GyEhr9x9qNvKsk2WGIl6Bcx7TUSab9npWh7hYNzVZhqYKxYhpRhz5qJ_Ct4YezGLE0_GOZGNLP0ogcIBCNeMk0zgAnBDQHQHNDZE6uS8MdrxV82QBKk0H1kWWHwWIHxaogSA-uTwZhPRUq4w34xWEpvxOdZLb6gzr9O4KDm54-dQa6WD2LJDNP7KSt3bsYdITfEFAK9N8ofIbnR1ALUuTLeW6JcTtDe580S2zrf7MRdqrEKRwJ012_j20KgUGXPKcCvDzWOajM6cZOSKk_3tuKKizeYhHKf0eQmUNCtpcRNNbixmH2nRuroJ0Lwvrkd_qVEclCBp5cboRgcJAbhtJT3dznvCY1rJtk24fZKJr2Ng4HqIy0z6CFf7yo7KVEcZ0qSqJ88FA9cjm2I4yE9hIM6Lm7eRUi9rPJU0MT6edaNs5bTYEmus6jE2NHnar4RXysYYg62r7DcHgWjPX96rbxro05YwD7pMXrxbPtGBojdEREhu9ad_xVvFiEDpELtV4Q8TLXmMOBlPPZVXBWf0r0IWNwmzYN5rD74LceSUct3kV_i5Ue6FVV6f4uaxo5x9jjaSl29VqaGOuzsJp3x1KykY6tf6ZexzBGcxDZiR2bJFJ5bMlmrIKatwPfFuytsYgtYioHBYfhExDxamBkZ2x50u1jWS6MH_KxoqYUq8G4NzlElSW_0VrGAAuLu1rusvQ7kZW5f_SA6LAXOCyqGy1GOMbxM0FWx4uf2Akp0Dx9E96r2YryVnkJ14r2e6AU7E1fgagL8WaEUDkwX_kiM5clzRA-aTqyg2QpD99KzV7uv5I9sKC_pBYhbBjx38gRdf-5rKVYyUcOD4EN3tTNIv9aOPYHgHglPGqyfkvY5BzgcNIeLnXvLub_JFoILwfIkqEduceo3wyTkDKln-xAfJzW3mCBJ8sUg4Jps8cDAda3UgJn_3mZ8wwD0zlvbL4U-5KwUnFASIukLwVbEZdU9CEmEkCRrmBxWusO2Dfw9CQBwkW_m_E0xaWydEAjgo9ovSUf3z2ZYVcftkfwKbqiMdrL350vMJLtXJp-SzsCg0i9iFkRypnnlnLeJ6TyX13oBYmwx1W4DoSH4YHTocZHeG5WTRGEfpfldTdvNFoclxuauk2zqVxSmeFFl4BEfpmq1ZFUGztUF-P_TO7ybuMTiMNHp7FJCiCM7CUC5zMtkS6VPsq8s9DgdKuApvpGM68zx1Hx475mZWe477jmCqopRCEXUAlATMDURe6o6cDZByXNn4HqjAVYJ4XTIQq48-g2gqNaFMid2q2K91odeybYPolCmo7F3e7e-HeMsf3nbWdgLro6K38RADxeE9FzM7sSn1BQzPaK4m3l6ikMsaVFCw7TPj2tTovI6F3tEw3ktZ8tE0Y7OSgmUnbJij0F2Lt5YLKUxGDQVD4g4zpXvsJEq7YItLooYJvMkHJscshGkjIVqviyoV-sEsarplefwLQtN50HuynDRB6ela_rlqeescdA1mRlN9mAslgXAHfbeACuorwY4ZTabe-HUNKIXKSg2_CoUYYUZXCkW-w4Rj3ItOoxl8_e8g_uvuka2YPOZwypElf_GNBIt_-oNmw6lYjGv5DOnnCRFNCEjXBLngJbWp_zIJcNz5yuDXW6rr-kwnWEmZsU_G-eZ2QOMzEVuR_fry1AgWxdSRz5ooq_QfCtP1X5qSzEQidDo6xclxFZTCwHdRaJDrcGoq9Z1PTkfubxZhiQ08kqGx5WdfVASqsZuWV9PbUhxF1Am_H8MoQ9I-gZfIm9q9xYxHcDtl2b5a05YgF-wmxfVOO3FiPXSlb1b9EtW7TRYHE2jaLtn183cv43zqnsCX45Ve2UNC9KHL9hWedddDLlSduZrg0JEExHtLzCXMjbJgYGYbgxsH1SZR9gH_4XGS4tQeqicfoaSKWcWqJJohWf0UIM9jG-09R8lTvYwmmkNh5xDv50QpN1r3mgq-720eFg56mCu_V5C2dOBvBgjziVJvLsEhpoAhxotFnAr6hrHd1A31lDE-xdAgAIJfrm5pSY5xHImqVPn5nySEhU6l2y5oCB_en83NSMAyD3RxE_w-_3Kwl9gxhV-gVBZOCO_nFcTHMvpkgn19DZCJDwNt-j5xL4wuRziHqrLpp75OjrfHRoWDizIgBHVvofd8EHM_MkKk&cid=CAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13922891142377982000&adk=2857193498&idt=135&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef07e6dc2c4e15ebf4499b2509e073797fb39673d212bf30c051a25bec2d4368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13704
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 10A3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:17:37 GMT
expires
Thu, 14 Nov 2024 10:17:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 989A 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a7976d5bd0166661439fd6af26f2989fe05a8520573eabb24ef3cb8f9d9b526b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XZ-oyrXqQwdeSOc-L-0dqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XZ-oyrXqQwdeSOc-L-0dqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:22 GMT
expires
Wed, 15 Nov 2023 10:57:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 10A3 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:55:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
3696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 09:55:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 989A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1645423197550382&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6972-MXP
date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
491
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2823 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdyrzyAIS_YDzohDybq0WxQyhU-gGEcU6dgbuN04sjOx3YzvUaWhyttL9a13-LxtgHZR4oLWprmzTSxy7gjwi-Af9YqY4QsGedAsxfKh2kzNFf_8XNyq0X_EE3L0YzhtXR0s6sqOnsyqEJg0n0w3oU_xF6iKHz435i02jn403eYKPxpkU&cry=1&dbm_d=AKAmf-AXKGELEsnPdDF6VWhtNLHz85jiebyUsAY-N_MFzB6Y4QQcWWLVpk_i_2JcDoaKyCpQbZp_hnwxNzz-k-BDaWbPDeBgfOqc5IWLO2QPS46eKhSANM4ncbKiyeqpOLOte9b_Gk6ppqQsV6y1DhbMO18IgQSp2HQLUkLILSVshn88jyn_S3xWSHDBk3S0NGa7y21BMDixNynFOaEEUXFX9XabMWqIb3ndv9dOJiM4k5wRqMlQLM2SsLGFiPgS3-JOfXgL6wCI3F75PPbi60XTsgRh6g5qS-ayBQuf0z13PNPNMScaVXz8pe19LC9nEvh_BEgGG2mt6ahhXIF8yshBSNE4zZXDlBqHnWRP0_Qrjn8GLReY7aO8Oiihsw_XdWvZV0HP5zWZgQB-P-4zVzWzUcfUE3Uh-5-merLubdqpKHp7In3gcCp9fAiOLgvS_iHmeTvtyE8EQjgQ3wPdxqfTGpKAlQyM-DB-u1PBLoLERzZANSRJ7Ips5ZfShn90VAKH3zA2Aigzi3_F35FwAeRjjKaZ9aeDPyoeskyo4NAtvCNgrTa2GKM68Z6qvd0Irz748LPpNjoq-fI-lmPlQ76-zSnl-eGKcz5pnBscUwkAeaq8codpBoHmbM3DQ0cYkzaVQGIshxavuGgcnBv7e1SsRO0ONyujJtQOo-i9gof7H-kSVOdOpTtfoMtUskeqXUMkdVeBrc7ezbPwWokaLcuZKLSsm4e8opeT6TDg7j19uTJDOEZM0d22jxokYLR3_GkoSw20gtIkV4B_IJPa4csLuYxNTCAjJr85EZlslO-HVcOQ2I8hUZcgoA30vM-16wXqtD0PPbEQTN0MpIcAutKeKuBdVuLSwkxvqPgfqA4VFp1JfUbBVeCD9RgdhhFyHB_Gql81kb61Lwt04IOH-ITsy0fVKkYeJQV_g0aK1CnsuMtQePREZEoQqwCtKSXUo13e5-UyNAJ3CzuVUIgzjFFyXdoVyp1KaZ7hyMaDF6ypC0lER3OBP2gOKcHq223ymuJrbYn_br9zZfqPUiCBLhiNHwpvD4FI5u3adIGe6LbVYSd7-RBpNK-acGYluIj_w1ef4PujFHHIqZ2SlrJluhrkUAjkXbOV-TLoQ3g8sEw_fNUOoEZAMTtVuvAI0uiSc5AtFtgDPb24QORaKRAY_gvDfDih9EsCAfCHx_MnYg-i3zSArkjNdBDeWbwQev-iHAYhP-th9MRzkB06TaxlfQ1dfdOH-lLgwaoBdwjRRVRIBwPS1nuXj8JLbc1oY5kIUaHWGMDdaEnDdSkMmMICAIVgT0xtrX495t5QDSFgxkkjSURRFGEO8d48AQVH-ChALo1g8srKA-fIuYQ6ltSmZrBGgE5aGs0OIsJ5FJ3c7B4sKQ0GWy_KyRhCnt_6QGLBU0gAB7aFllOmKdm3WRLKGAkkzbH3Q9lW-jKDdbHy8zjjYw-hSFfKL3s6HKklR62PiBa5Oy0AvxvoEBUDufL_T7uRzjjeEoWXOsDC38V6-7viQQP8cbr-m1VBUI8nnBI5uO7ZFH03jWLSmMrMC7khKU7qKbGyc2TJkpL8_0jagtp958dBewQ3X3Lh8AoW4zMi8ibwqpg6pVakFLnzGPfnFfJtY57l9klt3R7Ingzj5utbRCT-aaW-TI1scR-GrjSrrvb66e4NC1wj2ZJn5ZKbRIFByKETfAqp_gWlPdNYCKsyrxfTzo8N61wJ-ASda6mPHj3nX9_LaqQTzkCcuc2YR4jNJAuH4gknjwu3PC2McWVHx0UbgK5x_bNMMhZNnjKBn-67Bh2R5NaoOsBovLZHXapeVeNucqXAiCE_WrjEQJH1Ietu1Jg6iewx6oX5dDbd4t-K6rnQ2jmqaqYg0kxfdIQxrFE-Z5J4PkokYPtLpmOzUytvJYln1fD8E5fXVdwl9XGgcHm8dCUE6WLnuZIaQOeBwSCH1pXSTHLVz2um1RXreRlEFbErenIknxr-OFiYx_AU4y7Dz53vHgPJguwZxyG6GyEhr9x9qNvKsk2WGIl6Bcx7TUSab9npWh7hYNzVZhqYKxYhpRhz5qJ_Ct4YezGLE0_GOZGNLP0ogcIBCNeMk0zgAnBDQHQHNDZE6uS8MdrxV82QBKk0H1kWWHwWIHxaogSA-uTwZhPRUq4w34xWEpvxOdZLb6gzr9O4KDm54-dQa6WD2LJDNP7KSt3bsYdITfEFAK9N8ofIbnR1ALUuTLeW6JcTtDe580S2zrf7MRdqrEKRwJ012_j20KgUGXPKcCvDzWOajM6cZOSKk_3tuKKizeYhHKf0eQmUNCtpcRNNbixmH2nRuroJ0Lwvrkd_qVEclCBp5cboRgcJAbhtJT3dznvCY1rJtk24fZKJr2Ng4HqIy0z6CFf7yo7KVEcZ0qSqJ88FA9cjm2I4yE9hIM6Lm7eRUi9rPJU0MT6edaNs5bTYEmus6jE2NHnar4RXysYYg62r7DcHgWjPX96rbxro05YwD7pMXrxbPtGBojdEREhu9ad_xVvFiEDpELtV4Q8TLXmMOBlPPZVXBWf0r0IWNwmzYN5rD74LceSUct3kV_i5Ue6FVV6f4uaxo5x9jjaSl29VqaGOuzsJp3x1KykY6tf6ZexzBGcxDZiR2bJFJ5bMlmrIKatwPfFuytsYgtYioHBYfhExDxamBkZ2x50u1jWS6MH_KxoqYUq8G4NzlElSW_0VrGAAuLu1rusvQ7kZW5f_SA6LAXOCyqGy1GOMbxM0FWx4uf2Akp0Dx9E96r2YryVnkJ14r2e6AU7E1fgagL8WaEUDkwX_kiM5clzRA-aTqyg2QpD99KzV7uv5I9sKC_pBYhbBjx38gRdf-5rKVYyUcOD4EN3tTNIv9aOPYHgHglPGqyfkvY5BzgcNIeLnXvLub_JFoILwfIkqEduceo3wyTkDKln-xAfJzW3mCBJ8sUg4Jps8cDAda3UgJn_3mZ8wwD0zlvbL4U-5KwUnFASIukLwVbEZdU9CEmEkCRrmBxWusO2Dfw9CQBwkW_m_E0xaWydEAjgo9ovSUf3z2ZYVcftkfwKbqiMdrL350vMJLtXJp-SzsCg0i9iFkRypnnlnLeJ6TyX13oBYmwx1W4DoSH4YHTocZHeG5WTRGEfpfldTdvNFoclxuauk2zqVxSmeFFl4BEfpmq1ZFUGztUF-P_TO7ybuMTiMNHp7FJCiCM7CUC5zMtkS6VPsq8s9DgdKuApvpGM68zx1Hx475mZWe477jmCqopRCEXUAlATMDURe6o6cDZByXNn4HqjAVYJ4XTIQq48-g2gqNaFMid2q2K91odeybYPolCmo7F3e7e-HeMsf3nbWdgLro6K38RADxeE9FzM7sSn1BQzPaK4m3l6ikMsaVFCw7TPj2tTovI6F3tEw3ktZ8tE0Y7OSgmUnbJij0F2Lt5YLKUxGDQVD4g4zpXvsJEq7YItLooYJvMkHJscshGkjIVqviyoV-sEsarplefwLQtN50HuynDRB6ela_rlqeescdA1mRlN9mAslgXAHfbeACuorwY4ZTabe-HUNKIXKSg2_CoUYYUZXCkW-w4Rj3ItOoxl8_e8g_uvuka2YPOZwypElf_GNBIt_-oNmw6lYjGv5DOnnCRFNCEjXBLngJbWp_zIJcNz5yuDXW6rr-kwnWEmZsU_G-eZ2QOMzEVuR_fry1AgWxdSRz5ooq_QfCtP1X5qSzEQidDo6xclxFZTCwHdRaJDrcGoq9Z1PTkfubxZhiQ08kqGx5WdfVASqsZuWV9PbUhxF1Am_H8MoQ9I-gZfIm9q9xYxHcDtl2b5a05YgF-wmxfVOO3FiPXSlb1b9EtW7TRYHE2jaLtn183cv43zqnsCX45Ve2UNC9KHL9hWedddDLlSduZrg0JEExHtLzCXMjbJgYGYbgxsH1SZR9gH_4XGS4tQeqicfoaSKWcWqJJohWf0UIM9jG-09R8lTvYwmmkNh5xDv50QpN1r3mgq-720eFg56mCu_V5C2dOBvBgjziVJvLsEhpoAhxotFnAr6hrHd1A31lDE-xdAgAIJfrm5pSY5xHImqVPn5nySEhU6l2y5oCB_en83NSMAyD3RxE_w-_3Kwl9gxhV-gVBZOCO_nFcTHMvpkgn19DZCJDwNt-j5xL4wuRziHqrLpp75OjrfHRoWDizIgBHVvofd8EHM_MkKk&cid=CAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=13922891142377982000&adk=2857193498&idt=135&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
450792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDA0NTg0Mjg5ODI5OQogIHNlcnZlcl9pcDogMTM1MzgzOTQwCiAgcHJvY2Vzc19pZDogNDE0NDIyNzYyMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 2823 		0
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDA0NTg0Mjg5ODI5OQogIHNlcnZlcl9pcDogMTM1MzgzOTQwCiAgcHJvY2Vzc19pZDogNDE0NDIyNzYyMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNzE3ODY0MTI3MTg4NzY2MDAyOQpkZWJ1Z19rZXk6IDMzODYxMjc1MjU3Mjk0NjE1OTAKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTE1IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIwNzA1NjAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYyNjc5MDIwOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNTM3NTA0MwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x512406854a04c35a0000000000000000","13":"0x7bc56761b09dbc1d0000000000000000","14":"0x1aebac20b376798f0000000000000000","15":"0x59f7ea808adfbbe70000000000000000"},"debug_key":"3386127525729461590","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"17178641271887660029"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
29okurnprew3
hal9000.redintelligence.net/zone/ Frame 2823 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/29okurnprew3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0bBtEqRUZaWzBYG93gP5oJjgCpHB0Jtpm-iDktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBJECT9BwMDMXWjhkIOXM6lLPnCP6xFyttiENe6LBepvr2je7ntQNNJaRhlB_eFhPlwywsW0Gu2aG6_uGTkmb_nAnjFbZiGBuUdGvJyQYufkvfFdOk851FEybQz1OCIQh3Xl9nwaxCGO2QsIQMDlT-lnUpYI6Y9ShtH1My5ldbn5FB08zxTtuiUUp2Ce_StY0O9ndMrfS8RgYBWviUzxam6ab2TIAIsLlQjfe5Kt7GBn8llPPgHU_BYtLnrOks-5nKJex2Qc4qwwtP-Kjk3Rs3QDF942rXlwfrnQPQUJq0JHKMQDscoBiWuySQBiAtOhn7OPGjjUtRBN0NQnQW1VPJPKcc9qRwgA6ux97gRFVIbUVOI3RwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljVi5Ck7MWCA_IIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjP45Ck7MWCAxWBnncKHXkQBqywE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1DE-3ikdJW6j3AWJOF5NlJhKz2Nw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Cw9NG84Q7cfRcMjst2P8cksUpZ17HIZ1S1-miM9natDryfrFuxDfD2Nok8l3CMy4VwdzgLDx3rZekl7jlvVVQaYXsed7EQtC9TIR4FtHdxloiLQelavmOpI9dcOJ4PW9Yt1GVZUKwEC3z6Iv-CRIeRB1kKAGQ_SEXNKShPQg_OfT6KLeY%26cry%3D1%26dbm_d%3DAKAmf-C7incX2-8Mwh4YCPAHlHDAFnoh0iQm1AsAm4MGVZ7mmwYayiBW4kzZDQNE5yiCrwV77oBtUTXQFEHyhZfazp7OU_DQ7tEcboipLxB8sNgy8rB9aOL66ncPpf37SdrIs0Yc-7E1mjH8VyBfwKvSHTflgORWZRJG6Lju8ycS5EbGAmMXiNnXeDtPYMxcV5B0ksOIi3Mm8X7uFf8YZNZKPB9EnkV5rTmU9p6nnyiGmdZiZOptdjttvnIWyV6LmOV5EoB4t9LEYVwNb-C3twNu2WNLevBRpZ1v6nyy9hnhWGy4zptWUk0MMVX8vEJnmqSeWtFi5hIVL2_bmHe8hId8-UUatX-nIfUX4J86hq34br8U26wkR2ZhJOHWrsf2sBWS0pTPE8DootCvZ8ETNycSrGOtXWtiU7VUrYNjYsD0Dn3ivlEaiw-aG6Suy6lJaCSL0FS5He3nZDn-xhYZSUQx_YsAZk_FYlo4yDW5pljBR2VkBBDtFTkPg2j3C-Z5aEmsczxw3_tj0ct-3fum9fPrI8GZwo5z3oeV0dJIVk8mFwEglxzyYSpP_QOJg-h7ln2e3iUQAsmaDkq3RuVmPQtJKo4w_vEIy-rV1zwb-uAOex-mm0nhbaNDr4hw8DXJiDny3tTnHPzx6B6A5p9nKFtP-O1HhI_M_9nJQbwEoCqjXoioLUlq5r4%26adurl%3D
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
49ef44ebc71277ead5c47365b429b2d9d2cddf222e769c74400905bdefc3901d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:23 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4319
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 97B9 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmJTL2OzWUFSMs5XVzLtACmd8pEZwH--XB_3mbvOAaN2OA41mP2eWysmRbaXJvdC6scCYF711hl2JLdeziZ5YzXqrn0SbvaCG1c7p8E2im2kHWadsejdQgBvvcQ2YWZ2jwUEpCIxbH_yFyMfcZ4tasuXlioxShGoSuNQVM8Tm7iSZoUvs&cry=1&dbm_d=AKAmf-DN6oK069IZXZa1yslMGwk7JDLvWv91pDWdSyrfgkk1QS_GR2eABEbdzhizDtRmHB2WO8Y7RkN-EctFF69zr4skJJMukVBtq1OmkD_QLhUj6_evn37klsjgKL8-XdDcwy2Ioi5qxUVBeYnpE2NHkxVCy6ejripZdq6F1VsNhHDL-zfqjcJr7BMD6_wNdGkyqrvESjI9v3m4YM9ezuZoeQgGFyN3jynhrH-x_VAjn6jEEyQ6xSvGymuqTk-wzO68xQfpe0hDfW8hHfC3G-So1P_MSXAGli4iiCaHCVASgrNh8aGV2qjT8n9R3RW96KShs3fqGkF1O4iwlwteKVM4KOSugjICsuJY_EehtXLmOMi820Cjar7I70_zyRK7OiCqbw1eq9x6G6DTNhcfIAKMDOFBpXLkev5hXM3bn7J8WYnHFLFjgNFQxk4HDB_y8SXJaDCsjl8w02cDO-1_GRwa4sdxfyzbHbZKi-fkPLNlv9PtXREVbUL42P44nlV22fh5kD7hGEMoAzodQnZRwngzICddkREEXDC9t7LOH0cj2iPA79iI1SMwoxIX45XNLIMlq3M62enzwR0YV0qqeKtZsSQwv_n7YZwp5MdBUAchvo8KHj_Whqeo7mNBZl8vPTGSiksTkvLy4_Y9CR7y8Q8b-xsVydrAsg7PnJWI5KqMPkx43CyWcLRn5QD0r9T3wurOhrClYFKdiUyLj22A_pKxw4nLvo5TPVIIsA9PQrCXhumcsn03Ohki7aKM3N-YfyfuLYMPKxEDUDhUi79LOgHilQ5v_f_hLl8sxnodr0zEynaT2jObN-ww4IhW7Ojwqjz2pZChIDpNgZUwjbrNE14QSdHmwJyk9vgymbjHnVnvvrRO--5dSWRwHmQy7mnsnYGSBTBqdzc0LqtGd_b--zGn0_MFws5o1EC8FtguK8Ksv0ydhtPBugcRqNMWz2qiq5NAMo0rsU50jUQLcCO278zoIAnvYEo4nhVsJ_t6wcD5b5BRRXk6NPFNWr2LTo6o-fqzyga6IUUV-SE957_bx9R1-TB0HH0e2twA_Cl-QWmJWYyBNQ1-dC2Kr8EjJ9TqzNQh7yezhi-Enz09q5JL3MctUMaQip2znehVmhxmxJkpfRNub5X6PcsKoWVUbokNICeDl-8x1YYM2p0SAvbmq3X_P8YSuKuBpowXm-qhyQ5xPlZxu71QLB0esE7sYsU3s1kICpbVpyl7m3FoLx6-3x6XU8dOhHYK1vR3IUMKDTARlZrzkPLdajInd_xEMorsgHOEb9qX-MA0y7sn5y0k_6eZdGGAbjKfRUxJ6PI2-YNww85QXfWj6HLEyuwUYCE91uyKoCvwuokP6k2CuZuMCOBXJz29gWWBX83b_QttymEmAuU0ESgyohQN-SHgFFJZRHCK5QJDGevX3UQLa6bTsE0XJeW_A_78VxaNA-GnNcbtfC23s28cuf93scQG8JYWsVwqeAehDdqDx81_OuD44Lz1b5fYb8JWcxsPVBERkE_XpuwYvoenGJl30Nrfk__JalDqJkXN6bDSOK920bv7OxMCW8bRi35ubNYKuIflZvh4PQyviSBWi7PIb8hTlo9RLG1ygH5T1Q95aFljHxC_8a4rEQIHRCkQqLQt6h9g2gUzInw71XREUTd9sIQopbQkkCxWWOropAhZjV9LzIhxkudLFXnlDMBZnYLMx_dUKYiy_yrI5KyUDor-p5rAQ7FXd8jV4U3CHsNFeAOeAQe51NbxfFOhreQ_mXiBUdGEXJ3FOzhUlXNxMLb7JzNiNmQOQjc4yJOcmWliVzCcnUABV4YXuMaVFDLfEj1Dwo4D2TFulh0jK28G8YQTHHl91QSaCQJqeQsdayglgrhLLNsfEi8EIHH5ItWLna8357HiFpWmpyFHOib5XNum6EPBoOs7NF2uF6UHIyEY9WG8BQjGOPvZg_q018DzzITz0Wen6O9VFLgWJkNZIMXJbc99Fv6apVvHGAk1Y0-QOh8wlw8kg7-n_h2d6POL5m3CKSRHn0VhBA5zOkaTp554E4qVGit9MRpYU0wbcz9JEUbcRI-rQnyyrvf-vnzDVPAJKPdL219RIVZn3GHFSAwlv40hAn26nkL2N5HotGSNQN_ifj_udhKqUSv3Yl5gTSwJpAqo8opXZYidVRLGfNqb9ti0d6TrIaGd7Bk2H6uVgL161LlmZ2HN9aRvLPO8vGTwxbJF-cLksDb1yJhqOt7t7lLsqa26dsMKRiI1NTJ8_AURZTER5vZcbL4t6isq2h-VF9zjmF2b4ywAQuVuaTMbdOzSAn0HtsCq45W0ChG7YB-MrlTcoegXJ-GZshnO3RXqnqncLiFv03oaF4ahPUmxYUHz548a6MAWx9ugMN6GW1MvYwg9uirZEIyuPmDt3riA7gwIdYDFmu84iLAVC8sk-pmZhuTslSc-FLyg-PFbinHs5yn0Wp2WU2fdXQghHKhtJ9dsW8dAGZe6Paw4yX8fDiiR_LOiUV0yxGxvQqs6OVKM1xIDKrXstDwLJHea1OI18J_gQENFcqwTg074hz9goffTeenCK7owZfKGDH0TCA6GuEEsoDyw4RfQj5BkXAuNxTp6i3bhORmxW4DqB0PB-m9vTyBfV6BqYJmNnuEPExf2CRPk3tP1A6W1bTK4gTDJTKXire7y16XJGCZlxHSc1H1kyu8bF4tIos3i2yo9bsfYz1KCYYzUxM29i0LlTs70z21i3AqxMWaB9pKjoUf9bE1IRp4Ds6RgdEbcKW4tunpBz2LCvDr4a7P9WZHj5g1qG8qchb3hyEdNSWbUb7XF5cILJsBSeCg6QWm-cFn7qdIFxE_BqxJjsmW_veJBWKrRPDdv3YkzydQGQezzKNGLdzAcuo2Ei3YmaH8LEFrfO4AuCXJ0kLl_dwLQs5hD3GLzPw9P5btadlKTMXmIzi_8RB3rMM736Q2u67FJc3B62csHLdpXcMLmJ1wEbfqsPH80j_yqpbV0gP8Uw3GnmWvM3knZup2m_FiM5IABqPOSpR6drk8DBVnQHYwiJXUw1reoD6vig6YAmcfyqkJK20zsLrY-11ekMF8uEX4EEF-QhGz98WvflqQMCfHua6jImVIagS-ZvoGyua09qC7W1xHLVzdlmNAxAaJU125yAhjuS6HuTVtkOFHls4yJGuqhfA5C7ZZ60zGsUrlkukDo3gBC95cY54q63bn7gtiK6lqIliyIccN6Uyum9UPf9X2hUMqC6Pfz0MhTQKROYvEZIxHZWPPeNpAE8ZEjxTVshU4mpsLyeQa0PipmDvOSrqULb5tyDdackaCnlm2I9XTXXxB-2vDeztUrvnAVgji8Fb3DgOLmXAThzUfEnGcfOX3vDl5haspYVmPcmWTPHD8JRsDRsUVAekBh6tgDelzMqIj3HhEMI2ZgV5D9JGxklG2uALeTWXR_wqmWmmpf8HH7suQkL4C_nRaSIjb0C1Exq3HkD-56tjB5H0ZHvWqC9fPAxi8RbOf9t0iCURerY2fFPZz8YmOXtAet_-kJKFDOLwljET3r3FykkphpjnSXAgavoIJTprbnKAfsUiKgVoex4vjL-atOEeAiAzya40D8NhsA7jMnjguouRUv1DgcMryyPCErVNsT9QgKGJgB_9nfwPDWuPNS6jNc2xv9LSoFHu_yf2ubQzkFBQZwQn88TFBRaciqG-ZBXDIUsa1Xuf6h3EWuVwuCTGCQ0DZPwxwJQ5Tt1UA7YeRJeFzWLJYtvnh7Wve7F1O7akhGI6qSa2tWo5Pd6WO68WP0sY1Rvc-Jl87qVxRCmdz2pyfwmBbE7VzegwH-ZVjfDxoImxg41o_wP8HADtOW3woIF637yGslcpxuYbjtbMnUs-mACjtKGgQbIWiTIzSSfAFfV-bgvFZEeSoHQenM_ICzRCR1JURvrD7ECf95nJIOPPzUzP37YYSj5AnXrT3nTEIJ3NPRM5aXWXRYsjHoNbjI3rKpluQFLUakoFhdVwt-LFqmkpFeOMB4cWsy8nE3v6xiPR7NFA7eAFa1i823F5hTnm6j1nF9dNLBYHdnE-skpmYrC6M0CLsn4MaTLuWphm9D3X0Vb6Y7hEZqqMY4i54xvecclGfUV8n47Y3NXbZHjmsQegq0AGw-l7yNk-MCxdA9zZcjtROOJ-zwZOoX0aWsYAgRFWOwbJQZ&cid=CAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=2845737962323680000&adk=3047537735&idt=96&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
450792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDA0NTg0Mjg5NTgwNQogIHNlcnZlcl9pcDogMTI2MDU5Mjg2CiAgcHJvY2Vzc19pZDogMjk4NzA3MDEzNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 97B9 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDA0NTg0Mjg5NTgwNQogIHNlcnZlcl9pcDogMTI2MDU5Mjg2CiAgcHJvY2Vzc19pZDogMjk4NzA3MDEzNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDAwNDA2MDc0MTc4MzMwNTM1MApkZWJ1Z19rZXk6IDgwNTEyMzA3ODQ1NDExODI0OTEKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTE1IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNDk1MTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYyNjc5MDIwOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNTM3NjUzNQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x512406854a04c35a0000000000000000","13":"0x7bc56761b09dbc1d0000000000000000","14":"0x1aebac20b376798f0000000000000000","15":"0x7a8391f932630bd60000000000000000"},"debug_key":"8051230784541182491","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"14004060741783305350"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
so0m3m0ljrhx
hal9000.redintelligence.net/zone/ Frame 97B9 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/so0m3m0ljrhx?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCssDkEqRUZaSzBYG93gP5oJjgCpHB0Jtp2--DktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBI8CT9Dux5yic-npf32XiWdJ8v8-l2tOBulQHs6dHhbUa8YtdyDMl7jqO2bRPvUcTLYNko7vq_l4gSnU-9YJooPy91cKs-KSn9KGbxnVq-Of2RcS9RbYsN56afF7NX2S9lVj_EoZ4QadqPtOhsl806qqm3W9-f0dSqSaQ8VzlHSrRJ3nUVBGGjVUmxKGPYFC6AMuHX0MLHkhtRwCpoGe1ytvRk4N8glnZmQEgTw7GracQiG_cWMoJv4YagMhsOQ1CzXxbugeFcqcRdrhaNgBvg9QxMXoy7xrGL9tZw1SJFXlKLBrg6Ar5TpQo_hI_X5k9K41inN1mRMuSVAEL0cXgTRUZ7CN3jlAx0s78fqy69aGI8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY1YuQpOzFggPyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMIzuOQpOzFggMVgZ53Ch15EAassBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1bER_5h3QZZ9WK2a0j-sCC4XsgVw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcEf0pKY2UCYLGprPaPjhZ1d4vf4Dnc1B5BYRF2mqM7PkaBVGN_w5e5IpANd99vr0tHZH4xBerFPiMxb5qmRYifiQhDV72bpIOBJ3Y0HrBh1Lxrg1WPI74IQ7nJeszHfMUEg7iXoDO4wZhdBtHYQGsin5WL7LAoE1wP9ngHWQs0dAgDIs%26cry%3D1%26dbm_d%3DAKAmf-DNJrAnBB3wRNIlh65EZsZJ9StZrdgS4ffmYlkqzg_tUeFnVihuAP-LB6PAwiFcaVJI7qI5n0yEMHSdm6lSqZP5rrY2lP4my4kMkLB6Wx_ieKipWMdjWLCgTqCKOF75icYGg96A95hlG93PrCn6OPmD6UNACsEn4j6xzL0rMfaRNLtHtdpbXznnTgmhsCUphUV41ApBVrEiyukEKBrSmaVZvYjHM8wZY7JUAFHJ92LRypbthhGvpO6fY4NfLXrtQZHrWOUe2EdkegnkJqjcYYAzC4bXxstjm6FeNV8tbKNHzQKfbfLa0diGyQNQ1MvjwVEbmLM6NWEV8VVbnFjxUqEIAH-G9KFSewRNSRqxzfQzutPazzjfjozmK8AwIo9ksYKc6BgHvbzbLs7f7fQvoNazC54NrWcFVlEFPdP6na0ypHydfaAIoSn2so-NnzjWwTkJwLVEBdSaxj8vfYgeJpGKlhICFKfdbboP4BJZkwZfrQT7Kf2VwRVfCTkNeEQfHTojukFdO8P4vLRpxu-_uK2sqKJuMNRflwVkvX4gTTSVcznTPIyspIPH8x50EDzxzwYlROgqvuTV4k6PIam4Vf7_BekVzDne2R2MteCewwhN320sAink6P7uRvOcpAxBTcigyReDYbMZNJdOT7TqeidAe9bnyjZlqJyZRAoyYMfSvPFqZlQ%26adurl%3D
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9ef5a61ef8983fc566496a5263dfec303f241b87af2e6f3f37db0635dcd8707f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:23 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4317
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
st
imprammp.taboola.com/ Frame C42C 		577 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&cmcv=&pix=undefined&cb=1700045843012&uv=3358&tms=1700045843012&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=949bce37-45f6-4e43-b484-7201d2f4c7e1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2876e7991075e17603d8a1f01206b1d5725199803f8baa5651b5078f4f33be9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 15 Nov 2023 10:57:23 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6923-MXP
x-timer
S1700045843.032582,VS0,VE25
sync
am-match.taboola.com/ Frame 1E00 		439 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3733fa6d0ee22c0ed17c6094436438b7761d02b78308dd0268c930fc43fa3ef9

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 15 Nov 2023 10:57:23 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700045843019&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1569&pt=1076336841&tz=60&viewable=true&ddast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1439
x-cache
MISS
x-served-by
cache-mxp6923-MXP
pragma
no-cache
server
nginx
x-timer
S1700045843.032749,VS0,VE51
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66622845&crid=6926735&dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&cmcv=&pix=31589837&cb=1700045843011&uv=3358&tms=1700045843011&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700045838531.2!ts:1700045843011&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-length
0
server
nginx
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5141 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
556521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0542 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 09:56:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0542 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
68758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:51:25 GMT
l
www.google.com/ads/measurement/ Frame 0542 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5t8RuqaTyRbnuq38stoWdSkg00DZo1ZW8BrA0SYgfn_GUvr2szY2OohOIXG0JkS7eVNmxAvXg08pWYoZkCQD2l_esgA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0542 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 10:57:23 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame A3AF 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8112d1655fe510787858ea1cf10ffc6a270a3b2ce7a15f42a4821bec24564c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bvRXMy3_IYzN5p1pDvsewkk6AItqGWBTKP4RnPvtUXOXqvYErk7je7pY_3Oun5KEwdhirtLwPMG9ko_P2SS9p9qvA35AAtaE6axQhHQoWGqebzqMcM0SU2EDhD69mktSWVrL4duTHeadYij9Bi0qvOhPply8yd6SHGiQYVt70UuUTGZltyClCYhSmOG1ODZ_YqjRY0mKRG_QZZEGuS-K-65haeFLTGUaUa306_Vd7ukX-tl0QTJJePlbEcpI_GmPkSIHXA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2702823
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6DE0 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
66926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Wed, 15 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 080D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
556521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame C42C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&cmcv=&pix=undefined&cb=1700045843012&uv=3358&tms=1700045843012&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=949bce37-45f6-4e43-b484-7201d2f4c7e1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame C42C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&cmcv=&pix=undefined&cb=1700045843012&uv=3358&tms=1700045843012&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=949bce37-45f6-4e43-b484-7201d2f4c7e1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28537

Redirect headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
content-length
0
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame FF08 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1551001&cb=6437435304&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
c22a4b188db87ba6b65f567352eef0bd6d400fd25fb6caadf65d1ec87f20bc8b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame FF08 		633 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/551/001/a1551001.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=14400
content-length
445
expires
Wed, 15 Nov 2023 14:57:23 GMT
usync.html
eus.rubiconproject.com/ Frame 4D62 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&cmcv=&pix=undefined&cb=1700045843012&uv=3358&tms=1700045843012&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=949bce37-45f6-4e43-b484-7201d2f4c7e1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Nov 2023 10:57:23 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
8M4D1F1RRSRT07RS
age
14302
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
FhWrY4DCWF+23GvAAL/dA2ol2qD3GiBIlrKDE88hLOqklDY8q1Xi0tG8ixQTGDiJesCoyIpAUy4=
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700045843.178647,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
4053
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 		604 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031467
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
XXQSBGZ3KHXNPPRM
age
14298
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031468
x-amz-meta-mode
33188
content-length
123398
x-amz-id-2
oc65rKHf/4A2XXM35luw3pVlvwg8N7scNOV/IGWmQ0pivxH3ZGWO2cqinOc+eI2RvASE7QY/rhQ=
x-served-by
cache-mxp6976-MXP
last-modified
Wed, 15 Nov 2023 06:57:49 GMT
server
AmazonS3-br
x-timer
S1700045843.178221,VS0,VE0
etag
"e8023cd27890386539e680dcc790152c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3175
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1955307b944c4aee26dee8fe7a273e8485c6497565d225dd08f80be60897fa49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Nov 2023 10:57:23 GMT
request.php
hal900014.redintelligence.net/ Frame 2823
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=02cee3f017&subid=&uid=5424b321f657032e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=02cee3f017&subid=&uid=5424b321f657032e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=02cee3f017&subid=&uid=5424b321f657032e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0bBtEqRUZaWzBYG93gP5oJjgCpHB0Jtpm-iDktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBJECT9BwMDMXWjhkIOXM6lLPnCP6xFyttiENe6LBepvr2je7ntQNNJaRhlB_eFhPlwywsW0Gu2aG6_uGTkmb_nAnjFbZiGBuUdGvJyQYufkvfFdOk851FEybQz1OCIQh3Xl9nwaxCGO2QsIQMDlT-lnUpYI6Y9ShtH1My5ldbn5FB08zxTtuiUUp2Ce_StY0O9ndMrfS8RgYBWviUzxam6ab2TIAIsLlQjfe5Kt7GBn8llPPgHU_BYtLnrOks-5nKJex2Qc4qwwtP-Kjk3Rs3QDF942rXlwfrnQPQUJq0JHKMQDscoBiWuySQBiAtOhn7OPGjjUtRBN0NQnQW1VPJPKcc9qRwgA6ux97gRFVIbUVOI3RwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljVi5Ck7MWCA_IIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjP45Ck7MWCAxWBnncKHXkQBqywE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1DE-3ikdJW6j3AWJOF5NlJhKz2Nw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Cw9NG84Q7cfRcMjst2P8cksUpZ17HIZ1S1-miM9natDryfrFuxDfD2Nok8l3CMy4VwdzgLDx3rZekl7jlvVVQaYXsed7EQtC9TIR4FtHdxloiLQelavmOpI9dcOJ4PW9Yt1GVZUKwEC3z6Iv-CRIeRB1kKAGQ_SEXNKShPQg_OfT6KLeY%26cry%3D1%26dbm_d%3DAKAmf-C7incX2-8Mwh4YCPAHlHDAFnoh0iQm1AsAm4MGVZ7mmwYayiBW4kzZDQNE5yiCrwV77oBtUTXQFEHyhZfazp7OU_DQ7tEcboipLxB8sNgy8rB9aOL66ncPpf37SdrIs0Yc-7E1mjH8VyBfwKvSHTflgORWZRJG6Lju8ycS5EbGAmMXiNnXeDtPYMxcV5B0ksOIi3Mm8X7uFf8YZNZKPB9EnkV5rTmU9p6nnyiGmdZiZOptdjttvnIWyV6LmOV5EoB4t9LEYVwNb-C3twNu2WNLevBRpZ1v6nyy9hnhWGy4zptWUk0MMVX8vEJnmqSeWtFi5hIVL2_bmHe8hId8-UUatX-nIfUX4J86hq34br8U26wkR2ZhJOHWrsf2sBWS0pTPE8DootCvZ8ETNycSrGOtXWtiU7VUrYNjYsD0Dn3ivlEaiw-aG6Suy6lJaCSL0FS5He3nZDn-xhYZSUQx_YsAZk_FYlo4yDW5pljBR2VkBBDtFTkPg2j3C-Z5aEmsczxw3_tj0ct-3fum9fPrI8GZwo5z3oeV0dJIVk8mFwEglxzyYSpP_QOJg-h7ln2e3iUQAsmaDkq3RuVmPQtJKo4w_vEIy-rV1zwb-uAOex-mm0nhbaNDr4hw8DXJiDny3tTnHPzx6B6A5p9nKFtP-O1HhI_M_9nJQbwEoCqjXoioLUlq5r4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3655877796507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
895bd9050603f38661d38658a5ba74502af44d9041f55e2f4e0387de316eb184

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
43401500063257004438466012509014
Connection
close
Content-Length
330
Expires
Wed, 15 Nov 2023 10:57:23 +0100

Redirect headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=02cee3f017&subid=&uid=5424b321f657032e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0bBtEqRUZaWzBYG93gP5oJjgCpHB0Jtpm-iDktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBJECT9BwMDMXWjhkIOXM6lLPnCP6xFyttiENe6LBepvr2je7ntQNNJaRhlB_eFhPlwywsW0Gu2aG6_uGTkmb_nAnjFbZiGBuUdGvJyQYufkvfFdOk851FEybQz1OCIQh3Xl9nwaxCGO2QsIQMDlT-lnUpYI6Y9ShtH1My5ldbn5FB08zxTtuiUUp2Ce_StY0O9ndMrfS8RgYBWviUzxam6ab2TIAIsLlQjfe5Kt7GBn8llPPgHU_BYtLnrOks-5nKJex2Qc4qwwtP-Kjk3Rs3QDF942rXlwfrnQPQUJq0JHKMQDscoBiWuySQBiAtOhn7OPGjjUtRBN0NQnQW1VPJPKcc9qRwgA6ux97gRFVIbUVOI3RwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljVi5Ck7MWCA_IIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjP45Ck7MWCAxWBnncKHXkQBqywE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1DE-3ikdJW6j3AWJOF5NlJhKz2Nw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Cw9NG84Q7cfRcMjst2P8cksUpZ17HIZ1S1-miM9natDryfrFuxDfD2Nok8l3CMy4VwdzgLDx3rZekl7jlvVVQaYXsed7EQtC9TIR4FtHdxloiLQelavmOpI9dcOJ4PW9Yt1GVZUKwEC3z6Iv-CRIeRB1kKAGQ_SEXNKShPQg_OfT6KLeY%26cry%3D1%26dbm_d%3DAKAmf-C7incX2-8Mwh4YCPAHlHDAFnoh0iQm1AsAm4MGVZ7mmwYayiBW4kzZDQNE5yiCrwV77oBtUTXQFEHyhZfazp7OU_DQ7tEcboipLxB8sNgy8rB9aOL66ncPpf37SdrIs0Yc-7E1mjH8VyBfwKvSHTflgORWZRJG6Lju8ycS5EbGAmMXiNnXeDtPYMxcV5B0ksOIi3Mm8X7uFf8YZNZKPB9EnkV5rTmU9p6nnyiGmdZiZOptdjttvnIWyV6LmOV5EoB4t9LEYVwNb-C3twNu2WNLevBRpZ1v6nyy9hnhWGy4zptWUk0MMVX8vEJnmqSeWtFi5hIVL2_bmHe8hId8-UUatX-nIfUX4J86hq34br8U26wkR2ZhJOHWrsf2sBWS0pTPE8DootCvZ8ETNycSrGOtXWtiU7VUrYNjYsD0Dn3ivlEaiw-aG6Suy6lJaCSL0FS5He3nZDn-xhYZSUQx_YsAZk_FYlo4yDW5pljBR2VkBBDtFTkPg2j3C-Z5aEmsczxw3_tj0ct-3fum9fPrI8GZwo5z3oeV0dJIVk8mFwEglxzyYSpP_QOJg-h7ln2e3iUQAsmaDkq3RuVmPQtJKo4w_vEIy-rV1zwb-uAOex-mm0nhbaNDr4hw8DXJiDny3tTnHPzx6B6A5p9nKFtP-O1HhI_M_9nJQbwEoCqjXoioLUlq5r4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3655877796507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 15 Nov 2023 10:57:23 +0100
request.php
hal900015.redintelligence.net/ Frame 97B9
Redirect Chain
  • https://hal900015.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=cdaaa04a11&subid=&uid=efe588953b2c6546&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900015.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=cdaaa04a11&subid=&uid=efe588953b2c6546&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=cdaaa04a11&subid=&uid=efe588953b2c6546&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCssDkEqRUZaSzBYG93gP5oJjgCpHB0Jtp2--DktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBI8CT9Dux5yic-npf32XiWdJ8v8-l2tOBulQHs6dHhbUa8YtdyDMl7jqO2bRPvUcTLYNko7vq_l4gSnU-9YJooPy91cKs-KSn9KGbxnVq-Of2RcS9RbYsN56afF7NX2S9lVj_EoZ4QadqPtOhsl806qqm3W9-f0dSqSaQ8VzlHSrRJ3nUVBGGjVUmxKGPYFC6AMuHX0MLHkhtRwCpoGe1ytvRk4N8glnZmQEgTw7GracQiG_cWMoJv4YagMhsOQ1CzXxbugeFcqcRdrhaNgBvg9QxMXoy7xrGL9tZw1SJFXlKLBrg6Ar5TpQo_hI_X5k9K41inN1mRMuSVAEL0cXgTRUZ7CN3jlAx0s78fqy69aGI8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY1YuQpOzFggPyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMIzuOQpOzFggMVgZ53Ch15EAassBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1bER_5h3QZZ9WK2a0j-sCC4XsgVw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcEf0pKY2UCYLGprPaPjhZ1d4vf4Dnc1B5BYRF2mqM7PkaBVGN_w5e5IpANd99vr0tHZH4xBerFPiMxb5qmRYifiQhDV72bpIOBJ3Y0HrBh1Lxrg1WPI74IQ7nJeszHfMUEg7iXoDO4wZhdBtHYQGsin5WL7LAoE1wP9ngHWQs0dAgDIs%26cry%3D1%26dbm_d%3DAKAmf-DNJrAnBB3wRNIlh65EZsZJ9StZrdgS4ffmYlkqzg_tUeFnVihuAP-LB6PAwiFcaVJI7qI5n0yEMHSdm6lSqZP5rrY2lP4my4kMkLB6Wx_ieKipWMdjWLCgTqCKOF75icYGg96A95hlG93PrCn6OPmD6UNACsEn4j6xzL0rMfaRNLtHtdpbXznnTgmhsCUphUV41ApBVrEiyukEKBrSmaVZvYjHM8wZY7JUAFHJ92LRypbthhGvpO6fY4NfLXrtQZHrWOUe2EdkegnkJqjcYYAzC4bXxstjm6FeNV8tbKNHzQKfbfLa0diGyQNQ1MvjwVEbmLM6NWEV8VVbnFjxUqEIAH-G9KFSewRNSRqxzfQzutPazzjfjozmK8AwIo9ksYKc6BgHvbzbLs7f7fQvoNazC54NrWcFVlEFPdP6na0ypHydfaAIoSn2so-NnzjWwTkJwLVEBdSaxj8vfYgeJpGKlhICFKfdbboP4BJZkwZfrQT7Kf2VwRVfCTkNeEQfHTojukFdO8P4vLRpxu-_uK2sqKJuMNRflwVkvX4gTTSVcznTPIyspIPH8x50EDzxzwYlROgqvuTV4k6PIam4Vf7_BekVzDne2R2MteCewwhN320sAink6P7uRvOcpAxBTcigyReDYbMZNJdOT7TqeidAe9bnyjZlqJyZRAoyYMfSvPFqZlQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3444455260752&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2609da3252bf5f5cde58c3dbfa755b745aa6fc062c0ae46e4cff5a18794ddbeb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
60543900066076204438446012509015
Connection
close
Content-Length
330
Expires
Wed, 15 Nov 2023 10:57:23 +0100

Redirect headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=cdaaa04a11&subid=&uid=efe588953b2c6546&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCssDkEqRUZaSzBYG93gP5oJjgCpHB0Jtp2--DktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBI8CT9Dux5yic-npf32XiWdJ8v8-l2tOBulQHs6dHhbUa8YtdyDMl7jqO2bRPvUcTLYNko7vq_l4gSnU-9YJooPy91cKs-KSn9KGbxnVq-Of2RcS9RbYsN56afF7NX2S9lVj_EoZ4QadqPtOhsl806qqm3W9-f0dSqSaQ8VzlHSrRJ3nUVBGGjVUmxKGPYFC6AMuHX0MLHkhtRwCpoGe1ytvRk4N8glnZmQEgTw7GracQiG_cWMoJv4YagMhsOQ1CzXxbugeFcqcRdrhaNgBvg9QxMXoy7xrGL9tZw1SJFXlKLBrg6Ar5TpQo_hI_X5k9K41inN1mRMuSVAEL0cXgTRUZ7CN3jlAx0s78fqy69aGI8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY1YuQpOzFggPyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMIzuOQpOzFggMVgZ53Ch15EAassBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1bER_5h3QZZ9WK2a0j-sCC4XsgVw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcEf0pKY2UCYLGprPaPjhZ1d4vf4Dnc1B5BYRF2mqM7PkaBVGN_w5e5IpANd99vr0tHZH4xBerFPiMxb5qmRYifiQhDV72bpIOBJ3Y0HrBh1Lxrg1WPI74IQ7nJeszHfMUEg7iXoDO4wZhdBtHYQGsin5WL7LAoE1wP9ngHWQs0dAgDIs%26cry%3D1%26dbm_d%3DAKAmf-DNJrAnBB3wRNIlh65EZsZJ9StZrdgS4ffmYlkqzg_tUeFnVihuAP-LB6PAwiFcaVJI7qI5n0yEMHSdm6lSqZP5rrY2lP4my4kMkLB6Wx_ieKipWMdjWLCgTqCKOF75icYGg96A95hlG93PrCn6OPmD6UNACsEn4j6xzL0rMfaRNLtHtdpbXznnTgmhsCUphUV41ApBVrEiyukEKBrSmaVZvYjHM8wZY7JUAFHJ92LRypbthhGvpO6fY4NfLXrtQZHrWOUe2EdkegnkJqjcYYAzC4bXxstjm6FeNV8tbKNHzQKfbfLa0diGyQNQ1MvjwVEbmLM6NWEV8VVbnFjxUqEIAH-G9KFSewRNSRqxzfQzutPazzjfjozmK8AwIo9ksYKc6BgHvbzbLs7f7fQvoNazC54NrWcFVlEFPdP6na0ypHydfaAIoSn2so-NnzjWwTkJwLVEBdSaxj8vfYgeJpGKlhICFKfdbboP4BJZkwZfrQT7Kf2VwRVfCTkNeEQfHTojukFdO8P4vLRpxu-_uK2sqKJuMNRflwVkvX4gTTSVcznTPIyspIPH8x50EDzxzwYlROgqvuTV4k6PIam4Vf7_BekVzDne2R2MteCewwhN320sAink6P7uRvOcpAxBTcigyReDYbMZNJdOT7TqeidAe9bnyjZlqJyZRAoyYMfSvPFqZlQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3444455260752&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 15 Nov 2023 10:57:23 +0100
usync.js
eus.rubiconproject.com/ Frame 4D62 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6330f30714835990abd39bca7dc7fd4c331adbdfc0a1c842903bf9f2d19810c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Nov 2023 16:28:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19878
Connection
keep-alive
Content-Length
13281
Expires
Wed, 15 Nov 2023 16:28:41 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5141 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:55:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
3697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 09:55:46 GMT
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-164
cdn-cachedat
10/31/2023 18:59:58
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
965b26226d811a89760e2ed0f2bc87b5
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-676
cdn-cachedat
11/15/2023 02:37:50
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
88e01bcf73160caeeb7dfa8b7f9f4f1d
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:50:43
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
b7b3f4e4e8e0e46c32ee5b903d6c67da
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-168
cdn-cachedat
10/31/2023 18:50:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
477c041b63d1365602702b02dc880cf7
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ Frame 0542 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26e59ea15b24ae097879c73b72c4addde2ace144bee938b5e763ddae5d819b97

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ Frame 1E00 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 1E00
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34339

Redirect headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 1E00 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adview
googleads.g.doubleclick.net/pagead/ Frame 0542 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CI1IJEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE0gJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTlQM-RaH8pAGdzGzu-LKeR8iD-GZHKcHFUgXbcJYliuRi8crOJV14AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=PuT3dmq4CVY&uach_m=[UACH]&cid=CAQSPADICaaNqJ-ApR9GMes-AkFQlLNgAw6-YbIaAW5dWtgEjaO8iDLpWgcsKD1DJ1yVvh07BYlkajQWDpVqvxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 15 Nov 2023 10:57:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 0542 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k5vwFIbWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQEqRUZc9JuV5MscKHLsQAABIAAAoKQVFVQkR3RUJEdw&wp=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:22 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
154881
server
Kestrel
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 10A3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Cn1AGQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame A3AF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Nov 2024 10:57:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A3AF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Nov 2024 10:57:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A3AF 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 09 Nov 2024 10:57:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A3AF 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 09 Nov 2024 10:57:23 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A3AF 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=7JYJgVP8L6ILSYAKPO48__Nvtvxl4e2Mht_ff7jlqakpQbuBaRZU3biJaQHPHtg8Te0ZQ8X5MVDV_FPzuOl8jsiHilkLPSy7dNinrCU22D6f7-gvcYniffmTEkXqW9JKMji9nVEJ1bl4-8EhOF6DJdy1YlLpWZuOUSykwjne3Qmskc7dfWnoFit8Ib9R_45pEinW_rygqfHeltzk4aH49uCg8gn63-7MyaAoK8ZholCh8SR_6uPSL2qxCU1gG3xQpBLdqPYD2BPjY5T_Yeie5feIcJ0Z2PQueEy1tLtcz_UcEJxC0wRr62dOU9ungXHplsqUgGWz32vT1dN5Qqy93AKEUxjU0xaBxGAHisgJ95Za3ltYdaT3m3ccmjST7GysF2Gs66Vp34GJsLRchzrS_ncS-hLKEROijKOHRQl9W7jGlM0m
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1964892
expires
Mon, 26 Jul 1997 05:00:00 GMT
7ad9e03645c9411895ed6b0beac2c756_image_ad_336x280.jpeg
static.criteo.net/design/dt/99645/5098040/ Frame A3AF 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99645/5098040/7ad9e03645c9411895ed6b0beac2c756_image_ad_336x280.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c4a0001ce4213c875de63dc18782f57b299bfb48d0325863f5f4544b6ee9e93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 13 Nov 2023 08:40:35 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6551e103-20ffa"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
135162
expires
Sat, 09 Nov 2024 10:57:23 GMT
dpixel
cms.quantserve.com/ Frame 6DE0 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDb45K4YWb5MVQpYrQXpbNg&google_cver=1&google_push=AXcoOmTjas7GtQEDVCZzH3bFWIKzAQrnm4c-Ht15XXWTjwVKiJ3EhTZUG3bAciHYON2d7q0h1e4uzH1I55HDgQ5OClQ4brt3JAip
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DE0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXhWOWFCMDExUjNkQWY1&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&google_cver=1&google_push=AXcoOmRG_y6Q_OyJzG7RAkwLfCVTc69VwWGGmnQKdZ7Zui2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXhWOWFCMDExUjNkQWY1&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&google_cver=1&google_push=AXcoOmRG_y6Q_OyJzG7RAkwLfCVTc69VwWGGmnQKdZ7Zui2YXT5HlyIkSucsNPeVwqdZu8xm3yaN-eBmiT7MSnS0IJWI17op-T1T
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:22 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SXhWOWFCMDExUjNkQWY1&google_gid=CAESEBZ63tNVd7iapXbXe_NNj80&google_cver=1&google_push=AXcoOmRG_y6Q_OyJzG7RAkwLfCVTc69VwWGGmnQKdZ7Zui2YXT5HlyIkSucsNPeVwqdZu8xm3yaN-eBmiT7MSnS0IJWI17op-T1T
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DE0
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAhYG6r5V8iCTR_RyZe2psM&google_cver=1&google_push=AXcoOmTFAkNcR4ilW710UfQEQrVW1FJyvwxa9srjSLyRtJfBJTQMDwHQAP6bxfVrTIGZ4zYjbATIJXA2xxJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTFAkNcR4ilW710UfQEQrVW1FJyvwxa9srjSLyRtJfBJTQMDwHQAP6bxfVrTIGZ4zYjbATIJXA2xxJ9CYEgaAwN-9alQKzC&google_hm=_zqg4TKkSbySHBFtKOIiOwU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTFAkNcR4ilW710UfQEQrVW1FJyvwxa9srjSLyRtJfBJTQMDwHQAP6bxfVrTIGZ4zYjbATIJXA2xxJ9CYEgaAwN-9alQKzC&google_hm=_zqg4TKkSbySHBFtKOIiOwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTFAkNcR4ilW710UfQEQrVW1FJyvwxa9srjSLyRtJfBJTQMDwHQAP6bxfVrTIGZ4zYjbATIJXA2xxJ9CYEgaAwN-9alQKzC&google_hm=_zqg4TKkSbySHBFtKOIiOwU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DE0
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBPUWlBBCJNDvS4y8lxuo_E&google_cver=1&google_push=AXcoOmRQeiBZIDrItqUXjMv5y31hOvjfLMbR692lsBqa6EI1p7cN6gW4s12l3EmWBXIZXyaUnT0VPhWot5is1w0w4kra3kZllbI
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852668941767&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852668941767&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=852668941767&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6DE0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_hm=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&google_nid=index&google_push=AXcoOmSYCN9yW4WclaEW3MmjoWCYSIj6-lUrW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_hm=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&google_nid=index&google_push=AXcoOmSYCN9yW4WclaEW3MmjoWCYSIj6-lUrW4Mdp8YwIITLCWfQB_DPvd6RZkAXhY3YE4vS99PEmHHMqRt61yPu6LeKhlwUc3jZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60buVCYmrtrqsTDycXm1n3N7%2Bjh2Nv3B02UnPdl%2Fh5%2FM4uD107ZB89WNiU7DbyZL1dMBMz2Hj0uF02PWz6nW%2BZZtsp6KmDL3IBqf34lkRBbKr%2BlJywxQGP3VJbh9bGOctdL5lk0tsVYeyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_hm=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&google_nid=index&google_push=AXcoOmSYCN9yW4WclaEW3MmjoWCYSIj6-lUrW4Mdp8YwIITLCWfQB_DPvd6RZkAXhY3YE4vS99PEmHHMqRt61yPu6LeKhlwUc3jZ
cache-control
no-cache
cf-ray
8266f918ce8323af-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6DE0
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTmp98eKrdJfCkKs76BjKCZ64hyTIfldPHBLH_4srFX1m86mXZ_pzEf9gcuCGfD1lF_o6nP7YqfP9...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTmp98eKrdJfCkKs76BjKCZ64hyTIfldPHBLH_4srFX1m86mXZ_pzEf9gcuCGfD1lF_o6nP7YqfP9HwBJAoGPFsQkn6Bjl4&google_hm=88b28cb9-490f-4de0-a5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTmp98eKrdJfCkKs76BjKCZ64hyTIfldPHBLH_4srFX1m86mXZ_pzEf9gcuCGfD1lF_o6nP7YqfP9HwBJAoGPFsQkn6Bjl4&google_hm=88b28cb9-490f-4de0-a502-23ebbbf43de1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-94
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTmp98eKrdJfCkKs76BjKCZ64hyTIfldPHBLH_4srFX1m86mXZ_pzEf9gcuCGfD1lF_o6nP7YqfP9HwBJAoGPFsQkn6Bjl4&google_hm=88b28cb9-490f-4de0-a502-23ebbbf43de1
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DE0
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEJDPhSrR4GAptRjQDzKGiTw&google_cver=1&google_push=AXcoOmTp7Ox7IccdandTPrIMhVyHhsaqVaZMUd8UPtKeNl0Six9UZSB_p5IMi7ABUKLB72RhCdoksj8Y42X9YI-iC_UzIPOFvev1
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&mn_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTp7Ox7IccdandTPrIMhVyHhsa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&mn_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTp7Ox7IccdandTPrIMhVyHhsaqVaZMUd8UPtKeNl0Six9UZSB_p5IMi7ABUKLB72RhCdoksj8Y42X9YI-iC_UzIPOFvev1&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:23 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&mn_hm=MzQzMDQ3NDQzNzI1MTc4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTp7Ox7IccdandTPrIMhVyHhsaqVaZMUd8UPtKeNl0Six9UZSB_p5IMi7ABUKLB72RhCdoksj8Y42X9YI-iC_UzIPOFvev1&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 15 Nov 2023 10:57:23 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6DE0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHa3R_WVV8ChFHqrkhgggtrwX2qBa-fwkJZFKxbU87_EzHIh9TsO1YNcSa4Ve62j8QZnOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
8fa78277-7196-429a-a62a-1d6a5606d04c
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/8fa78277-7196-429a-a62a-1d6a5606d04c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 080D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:55:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
3697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 09:55:46 GMT
khaos.json
token.rubiconproject.com/ Frame 4D62 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LOZNEET6-1Q-1N34
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
all
csm.eu.criteo.net/ Frame A3AF 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bvRXMy3_IYzN5p1pDvsewkk6AItqGWBTKP4RnPvtUXOXqvYErk7je7pY_3Oun5KEwdhirtLwPMG9ko_P2SS9p9qvA35AAtaE6axQhHQoWGqebzqMcM0SU2EDhD69mktSWVrL4duTHeadYij9Bi0qvOhPply8yd6SHGiQYVt70UuUTGZltyClCYhSmOG1ODZ_YqjRY0mKRG_QZZEGuS-K-65haeFLTGUaUa306_Vd7ukX-tl0QTJJePlbEcpI_GmPkSIHXA&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 15 Nov 2023 10:57:22 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A3AF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Nov 2024 10:57:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A3AF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVSkEgAMQW4K4DoTAA1FbnSTMQ0KhuSkKcIEug&u=%7CLG7PgOiL7EVFaTwFzpjCnVOG8L%2BcivBhv8yLc1kk8i0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5gGJPbmPaWYa0zxr0T-Y2HTe9td_StnwqJM_lEcHilDqUeqmrpyrwDXcwFVwJjKCXxsAqbxyIcGu2zQZ4wmqgOL_AuGrUr9jF1wE8DVhj7eKv0l2RhDh2kvXYt3e7CTF1KzRY0szt3fT5Xp1Cec2fUEJo388qbHtwG0TzkQgZcTKwgQSHRGA-zwo9iQeQwgwLp48cjsAJ8zcv5DG-lYRfj-3tfmxLpasFsrx6xhn7IuFepcwRxKPTCJDmCPaUvDBqs3BulWHpgwbKCk_90l3vRoHJhe74_VJt2IszzA6I1TNh5TmMhcmI6Yk8knD86PIyU6e0GgLkTjQKoVBquRR6tKoFFSwnKITY4tASPZILCd6tGzDNPNSHyrQbFeBWwE7kkXzAEB3ronGaF2xQvM7KQcfjGl19ZdiFDcyMFznsEq0i6-y0v7_EwdA_nFFsj7Vhur4WKMWSQJSKtIVRU3x_okj9NpcdEczs_WJeaCZLHrhKvka2JaZp8M96Z6LCnFw126o0LDWLqbmp37TX_huG3sR6FzPzbnjPAV_B3bBXAScIMCsqvZB3sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb2wCEqRUZe6CMZP0gAfuirWoAsme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQI9mh0vtj2yPqgDAcgDAqoE1QJP0CR5qnqqdPh6oE9HY4zq5vW5-LreLchRZjyx_uHvHALguBn2SipZL1Q65ujlZgLekv3jlv9vNP3kTMKmlKZ5K6KvQq2d3ihiDA1L71sP1G7aPWraLAQ0L3-PAJu7Bnb40EoGjA3YhDRws2Q3SyR6nF-k9AcciuyhF_JOUoTZjZ2PKLUf_cNUk4HWt6_3zbW57Esrz3V5FAL8hf7X_ODwYk7Wdsw7eA7Ki_GbhJl1ULbMALnJNYtGUMVdbdgT5w5PbtXHrazOAn39L3vPQSi6j4Tkf43KwzPPZkA0HbPuWRLZVPpzWw4FMaLBREw5v5sxGbiv9C_WuOvV2HWNnQBNCXV47Cyx0VvK1vs3mfu5llc5mx4ZBW0NOZ6SQ0M5KjtcoQ2lEQ8fvmv8pTkSMcXIn1mQJHoW6TUHCQ3YhhiM0niyBNeUlYqvkOewajeEZnZ1PrkNP4AG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOliqu7-k7MWCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UXcjRuVHaj7W7zWjUIDjlOv-E4g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Nov 2024 10:57:23 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700045840912&gcd=11l1l1l1l1&dma=0&cid=1672339767.1700045841&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700045843&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dt=%E8%AA%8D%E8%AD%98%E7%9A%84%E5%A5%B3%E4%BA%BA%E9%83%BD%E5%8F%AB%E4%BE%86%EF%BC%81%E5%8B%9D%E5%88%A9%E6%80%A7%E6%8B%9B%E5%BE%85%E6%97%A5%E5%95%86%E9%82%84%E4%BB%94%E7%B4%B0%E5%8F%AE%E5%9B%91%E3%80%8C%E7%99%BE%E5%80%8D%E5%A5%89%E9%82%84%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=4941
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
im-uid.js
dmp.im-apps.net/sdk/ Frame FF08 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Wed, 15 Nov 2023 10:57:23 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
expires
Wed, 15 Nov 2023 13:57:23 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 46c9f6285b432bb7ca825d1b5670a6b0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP64-C1
age
2594617
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1700045844.530870,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
GYJJg7cHa9StY_p8FziuGzT8rJ8lRYh0JE2SiZPd1FnWWMlxlyRlkA==
x-cache-hits
19753
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.9/ 		431 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.9/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
daa56b64ea6d4e7e71f991057578eae95223b10fd0865a930217382f9720c386

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1699956059
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
JFKG9QR7FWRJYEFG
age
89734
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1699956073
x-amz-meta-mode
33188
content-length
82297
x-amz-id-2
rSW+lm3aO/EH0q9xOU91dCOKJSiHG6vcXy17KaWcstBOHnImkh1CKR154cmARGDwia7m2nwHPNo=
x-served-by
cache-mxp6976-MXP
last-modified
Tue, 14 Nov 2023 10:01:14 GMT
server
AmazonS3-br
x-timer
S1700045844.547033,VS0,VE0
etag
"1e2e8eeda08ecc9e1e06779d6a18df25"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
7652
sync
am-match.taboola.com/ Frame 50EF 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9316571d92ecefaf9773937c1e4cf6003be9c8bd2059f6a5174e0ada0f1bb3a3

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 15 Nov 2023 10:57:23 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66622845&crid=6926735&dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&cmcv=&pix=31579697&cb=1700045843539&uv=3358&tms=1700045843539&su=3&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-length
0
server
nginx
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=11657&tvi50=9058&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
98
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
80444
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6923-MXP
pragma
no-cache
server
nginx
x-timer
S1700045844.590683,VS0,VE98
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5410 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7783dfb9454a164a578f15a0c42b7ac16e969ea15936f06afd26348b7ded37ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12357
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55685380e9a7d5033d7c5223f6a0d34adfe402cefd443c626510decaae9e56c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92944
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Nov 2023 10:57:23 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e5a8a850c14c9488bcb7a7c7715cc8b4d5848b887d18ea29e8a431d90d80e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92845
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Nov 2023 10:57:23 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 3bbd9c639a192694d597e09ea3006bce.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MXP53-P3
age
2597404
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-mxp6923-MXP
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700045844.590821,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
rwv7OLZdAtEftvukpuYs4xNlsLRSkpDbrV3q9Gctrh9YYok5D3MY9Q==
x-cache-hits
236965
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 varnish
x-amz-request-id
DM4PFN0WZV5ZS5NS
age
12552
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700045844.594179,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
76
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3438
request_content.php
hal900014.redintelligence.net/ Frame 409C 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=02cee3f017&subid=&uid=5424b321f657032e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0bBtEqRUZaWzBYG93gP5oJjgCpHB0Jtpm-iDktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBJECT9BwMDMXWjhkIOXM6lLPnCP6xFyttiENe6LBepvr2je7ntQNNJaRhlB_eFhPlwywsW0Gu2aG6_uGTkmb_nAnjFbZiGBuUdGvJyQYufkvfFdOk851FEybQz1OCIQh3Xl9nwaxCGO2QsIQMDlT-lnUpYI6Y9ShtH1My5ldbn5FB08zxTtuiUUp2Ce_StY0O9ndMrfS8RgYBWviUzxam6ab2TIAIsLlQjfe5Kt7GBn8llPPgHU_BYtLnrOks-5nKJex2Qc4qwwtP-Kjk3Rs3QDF942rXlwfrnQPQUJq0JHKMQDscoBiWuySQBiAtOhn7OPGjjUtRBN0NQnQW1VPJPKcc9qRwgA6ux97gRFVIbUVOI3RwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljVi5Ck7MWCA_IIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjP45Ck7MWCAxWBnncKHXkQBqywE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1DE-3ikdJW6j3AWJOF5NlJhKz2Nw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-Cw9NG84Q7cfRcMjst2P8cksUpZ17HIZ1S1-miM9natDryfrFuxDfD2Nok8l3CMy4VwdzgLDx3rZekl7jlvVVQaYXsed7EQtC9TIR4FtHdxloiLQelavmOpI9dcOJ4PW9Yt1GVZUKwEC3z6Iv-CRIeRB1kKAGQ_SEXNKShPQg_OfT6KLeY%26cry%3D1%26dbm_d%3DAKAmf-C7incX2-8Mwh4YCPAHlHDAFnoh0iQm1AsAm4MGVZ7mmwYayiBW4kzZDQNE5yiCrwV77oBtUTXQFEHyhZfazp7OU_DQ7tEcboipLxB8sNgy8rB9aOL66ncPpf37SdrIs0Yc-7E1mjH8VyBfwKvSHTflgORWZRJG6Lju8ycS5EbGAmMXiNnXeDtPYMxcV5B0ksOIi3Mm8X7uFf8YZNZKPB9EnkV5rTmU9p6nnyiGmdZiZOptdjttvnIWyV6LmOV5EoB4t9LEYVwNb-C3twNu2WNLevBRpZ1v6nyy9hnhWGy4zptWUk0MMVX8vEJnmqSeWtFi5hIVL2_bmHe8hId8-UUatX-nIfUX4J86hq34br8U26wkR2ZhJOHWrsf2sBWS0pTPE8DootCvZ8ETNycSrGOtXWtiU7VUrYNjYsD0Dn3ivlEaiw-aG6Suy6lJaCSL0FS5He3nZDn-xhYZSUQx_YsAZk_FYlo4yDW5pljBR2VkBBDtFTkPg2j3C-Z5aEmsczxw3_tj0ct-3fum9fPrI8GZwo5z3oeV0dJIVk8mFwEglxzyYSpP_QOJg-h7ln2e3iUQAsmaDkq3RuVmPQtJKo4w_vEIy-rV1zwb-uAOex-mm0nhbaNDr4hw8DXJiDny3tTnHPzx6B6A5p9nKFtP-O1HhI_M_9nJQbwEoCqjXoioLUlq5r4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3655877796507&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
587d7b08db52f6a97e39338478246056b0ec24737f96d8e87b236088da9adb6b

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2283
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Nov 2023 10:57:23 GMT
Expires
Wed, 15 Nov 2023 10:57:23 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
d1422a4c-60ca-4de6-874b-f4abb6cca4f3
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/d1422a4c-60ca-4de6-874b-f4abb6cca4f3
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
7bbcc67f-48ec-47a5-8ef7-bd41f1a14f1b
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/7bbcc67f-48ec-47a5-8ef7-bd41f1a14f1b
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
request_content.php
hal900015.redintelligence.net/ Frame D911 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request_content.php?s=60543900066076204438446012509015&a=71e68eb5
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=cdaaa04a11&subid=&uid=efe588953b2c6546&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCssDkEqRUZaSzBYG93gP5oJjgCpHB0Jtp2--DktwP8C4QASC6hMAzYPUFyAEJqQJvC-bjxkGyPqgDAcgDmwSqBI8CT9Dux5yic-npf32XiWdJ8v8-l2tOBulQHs6dHhbUa8YtdyDMl7jqO2bRPvUcTLYNko7vq_l4gSnU-9YJooPy91cKs-KSn9KGbxnVq-Of2RcS9RbYsN56afF7NX2S9lVj_EoZ4QadqPtOhsl806qqm3W9-f0dSqSaQ8VzlHSrRJ3nUVBGGjVUmxKGPYFC6AMuHX0MLHkhtRwCpoGe1ytvRk4N8glnZmQEgTw7GracQiG_cWMoJv4YagMhsOQ1CzXxbugeFcqcRdrhaNgBvg9QxMXoy7xrGL9tZw1SJFXlKLBrg6Ar5TpQo_hI_X5k9K41inN1mRMuSVAEL0cXgTRUZ7CN3jlAx0s78fqy69aGI8AE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY1YuQpOzFggPyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMIzuOQpOzFggMVgZ53Ch15EAassBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB%26sig%3DAOD64_1bER_5h3QZZ9WK2a0j-sCC4XsgVw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcEf0pKY2UCYLGprPaPjhZ1d4vf4Dnc1B5BYRF2mqM7PkaBVGN_w5e5IpANd99vr0tHZH4xBerFPiMxb5qmRYifiQhDV72bpIOBJ3Y0HrBh1Lxrg1WPI74IQ7nJeszHfMUEg7iXoDO4wZhdBtHYQGsin5WL7LAoE1wP9ngHWQs0dAgDIs%26cry%3D1%26dbm_d%3DAKAmf-DNJrAnBB3wRNIlh65EZsZJ9StZrdgS4ffmYlkqzg_tUeFnVihuAP-LB6PAwiFcaVJI7qI5n0yEMHSdm6lSqZP5rrY2lP4my4kMkLB6Wx_ieKipWMdjWLCgTqCKOF75icYGg96A95hlG93PrCn6OPmD6UNACsEn4j6xzL0rMfaRNLtHtdpbXznnTgmhsCUphUV41ApBVrEiyukEKBrSmaVZvYjHM8wZY7JUAFHJ92LRypbthhGvpO6fY4NfLXrtQZHrWOUe2EdkegnkJqjcYYAzC4bXxstjm6FeNV8tbKNHzQKfbfLa0diGyQNQ1MvjwVEbmLM6NWEV8VVbnFjxUqEIAH-G9KFSewRNSRqxzfQzutPazzjfjozmK8AwIo9ksYKc6BgHvbzbLs7f7fQvoNazC54NrWcFVlEFPdP6na0ypHydfaAIoSn2so-NnzjWwTkJwLVEBdSaxj8vfYgeJpGKlhICFKfdbboP4BJZkwZfrQT7Kf2VwRVfCTkNeEQfHTojukFdO8P4vLRpxu-_uK2sqKJuMNRflwVkvX4gTTSVcznTPIyspIPH8x50EDzxzwYlROgqvuTV4k6PIam4Vf7_BekVzDne2R2MteCewwhN320sAink6P7uRvOcpAxBTcigyReDYbMZNJdOT7TqeidAe9bnyjZlqJyZRAoyYMfSvPFqZlQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=3444455260752&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b7e55008a1b307ebbf3b016ee46b15d63885ad2505330ef1ea6d249618a842c6

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1413
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Nov 2023 10:57:23 GMT
Expires
Wed, 15 Nov 2023 10:57:23 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A8B4 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
66926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Wed, 15 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2823 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f80cd0a56330fc05f4b0b70342e4428223a6da66e375c8ea03bbdac1450fb29d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ Frame 50EF 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 50EF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32849

Redirect headers

date
Wed, 15 Nov 2023 10:57:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-XIQckTVE2oTNV6qeUS1lWO_S9D1eloQKTH2vzw--~A
content-length
0
sync
x.bidswitch.net/ Frame 50EF 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AFF9 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
66926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Wed, 15 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
get
audiencedata.im-apps.net/imuid/ Frame FF08 		10 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HF9A1V7BH3FRJS5DM9AMY0HG
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 15 Nov 2023 10:57:23 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5410 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 10:57:23 GMT
truncated
/ Frame 97B9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
592f777bd520b435c5e6514eeadb41691a3d20629e25cd5cd6dccd2b2dd8154f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 409C 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 05:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
364970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 05:34:33 GMT
S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 409C 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-970x90.gif
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:23 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:53 GMT
Server
nginx
ETag
"5b55f219-5fce"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24526
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:34
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
53b3a4035255b7313b499b11f395f968
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
S-300x75.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame D911 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x75.gif
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60543900066076204438446012509015&a=71e68eb5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:23 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-2f74"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
12148
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1054 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:25
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-1054
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
1587a030f35aca1dd5ccce03208650b6
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
bridge3.603.0_en.html
imasdk.googleapis.com/js/core/ Frame D587 		756 KB
243 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
108633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
248265
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 04:46:50 GMT
expires
Wed, 13 Nov 2024 04:46:50 GMT
last-modified
Thu, 09 Nov 2023 20:21:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Nov 2023 10:57:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F3B6 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 15 Nov 2023 11:55:32 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
e27319029996ae7c87c00085a7388ecb
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
viewability
hal900015.redintelligence.net/ Frame D911 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=60543900066076204438446012509015&a=6faa0deb&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60543900066076204438446012509015&a=71e68eb5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=60543900066076204438446012509015&a=71e68eb5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:23 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame D911 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
i.match
s.tribalfusion.com/z/ Frame A8B4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBJNLjtAQNphj9IctxHwQuI&google_cver=1&google_push=AXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBJNLjtAQNphj9IctxHwQuI&google_cver=1&google_push=AXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6diebo...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBJNLjtAQNphj9IctxHwQuI&google_cver=1&google_push=AXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8266f91e3977f124-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1613
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBJNLjtAQNphj9IctxHwQuI&google_cver=1&google_push=AXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRFskVfMeCWvhU1zHh7cAr7T5JI_sTNgwghKN84k3hXQIudnhQ9lUFxXQJshXThM2QuKIHP86l2siTQGY-70GMCZ6dieboI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8266f91d0fedf124-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8B4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKASOsNjsYS6n6rdK6tzYc0&google_cver=1&google_push=AXcoOmSihcO0bRTmGiBhCu-RHLyyjxsBPKWZLZRzGyn_BN8OsuLiZjiQMjcZaSUGuqosO1ZEIO7_O...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSihcO0bRTmGiBhCu-RHLyyjxsBPKWZLZRzGyn_BN8OsuLiZjiQMjcZaSUGuqosO1ZEIO7_OugI3_-xI-k6yW2nT0Fur7Q-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSihcO0bRTmGiBhCu-RHLyyjxsBPKWZLZRzGyn_BN8OsuLiZjiQMjcZaSUGuqosO1ZEIO7_OugI3_-xI-k6yW2nT0Fur7Q-
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 15 Nov 2023 10:57:23 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 37E4481871994A59946AB977AE7E0560 Ref B: VIEEDGE2116 Ref C: 2023-11-15T10:57:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSihcO0bRTmGiBhCu-RHLyyjxsBPKWZLZRzGyn_BN8OsuLiZjiQMjcZaSUGuqosO1ZEIO7_OugI3_-xI-k6yW2nT0Fur7Q-
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKLsSiUvvOjRC5vfIlPg==
pixel
cm.g.doubleclick.net/ Frame A8B4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFNpepKOi5arGoTQqqxgQXs&google_cver=1&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhPrzQu9...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFNpepKOi5arGoTQqqxgQXs&google_cver=1&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2MTk5Mjg3MTUyMDU1NTE4OQ&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhPrzQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2MTk5Mjg3MTUyMDU1NTE4OQ&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhPrzQu9KYJq1TAmGn_1DgST_qc
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg2MTk5Mjg3MTUyMDU1NTE4OQ&google_push=AXcoOmSaCetbjC72xOnfUDLglMQftLBYK0LW4DPYj1ArLTDzqkpWI1T0aNfpWgRgU7-T0s6cOhPrzQu9KYJq1TAmGn_1DgST_qc
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame A8B4
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQCj2q4X77q6U-0aX8ECXIftY4DelXMnwxpiCyyRUDAPKeDPMfaPbMErMFUnEeWYnr0qo5qSWztHe...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQCj2q4X77q6U-0aX8ECXIftY4DelXMnwxpiCyyRUDAPKeDPMfaPbMErMFUnEeWYnr0qo5qSWztHexh6gd_jheH3VKw8mbz&google_hm=88b28cb9-490f-4de0-a5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQCj2q4X77q6U-0aX8ECXIftY4DelXMnwxpiCyyRUDAPKeDPMfaPbMErMFUnEeWYnr0qo5qSWztHexh6gd_jheH3VKw8mbz&google_hm=88b28cb9-490f-4de0-a502-23ebbbf43de1
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-94
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQCj2q4X77q6U-0aX8ECXIftY4DelXMnwxpiCyyRUDAPKeDPMfaPbMErMFUnEeWYnr0qo5qSWztHexh6gd_jheH3VKw8mbz&google_hm=88b28cb9-490f-4de0-a502-23ebbbf43de1
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8B4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSLD6X7FtoQ5fAGKQe-e...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo&google_hm=AykbxdljTEY7qHukeZ8y-PE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo&google_hm=AykbxdljTEY7qHukeZ8y-PE
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLD6X7FtoQ5fAGKQe-eJnwrO7iJo7GW2qteNafy3EaZ-aX8SybGXdXC52mrl5Gnq5F73WfEs700bDhq0YZBXsK4p23rKoo&google_hm=AykbxdljTEY7qHukeZ8y-PE
date
Wed, 15 Nov 2023 10:57:24 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX291bc5d9634c463ba87ba4799f32f8f1003
content-type
text/html
/
cc.adingo.jp/adx/push/ Frame A8B4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEON0qpTgWKAQpJFBFMkUJ8I&google_cver=1&google_push=AXcoOmQPcXvG0Zfd_8rSYIIVn7L44FmU2jRrkmPpV5oRzrPH8D1zNw3-9maY20xczGjPlz3GmS5iG6R2YoeGxhjK5771TVBBZYId
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.50.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-50-241.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame A8B4
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRedM-JZXwlW3186wQJuzC2qTl3WziLiOlF8hVf9ydbW7yuh_6v151GHt2Y53i7trA5w1iIXEboRCF13zJzyfSjQlCNLLBDjg&google_gid=CAESEM8BuvCKwDA...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVYjlhZjQ5MTBmNzNkNGFkZmFmYjY4ZjZlZGFhZGZlOTI&google_nid=opera_norway_as&google_push=AXcoOmRedM-J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVYjlhZjQ5MTBmNzNkNGFkZmFmYjY4ZjZlZGFhZGZlOTI&google_nid=opera_norway_as&google_push=AXcoOmRedM-JZXwlW3186wQJuzC2qTl3WziLiOlF8hVf9ydbW7yuh_6v151GHt2Y53i7trA5w1iIXEboRCF13zJzyfSjQlCNLLBDjg
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVYjlhZjQ5MTBmNzNkNGFkZmFmYjY4ZjZlZGFhZGZlOTI&google_nid=opera_norway_as&google_push=AXcoOmRedM-JZXwlW3186wQJuzC2qTl3WziLiOlF8hVf9ydbW7yuh_6v151GHt2Y53i7trA5w1iIXEboRCF13zJzyfSjQlCNLLBDjg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A8B4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-LSCpgXQqZBxtnRVPY_iDqChgxX_fsAGljSLZTIMdYLOzbDq78s_hSqMUEzvxAD1zzWt4QQ
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
31db4872-b59b-4c36-9caf-8392dfc0f605
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/31db4872-b59b-4c36-9caf-8392dfc0f605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
9b9468f0-b6d3-4c1f-9318-b2fdf60917c1
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/9b9468f0-b6d3-4c1f-9318-b2fdf60917c1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
bd0eeeb1-9ae2-4983-a11c-6b7c8452dcd5
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/bd0eeeb1-9ae2-4983-a11c-6b7c8452dcd5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je3b81v9134755342&_p=1700045840912&gcd=11l1l1l1l1&dma=0&cid=1672339767.1700045841&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700045843&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dt=%E8%AA%8D%E8%AD%98%E7%9A%84%E5%A5%B3%E4%BA%BA%E9%83%BD%E5%8F%AB%E4%BE%86%EF%BC%81%E5%8B%9D%E5%88%A9%E6%80%A7%E6%8B%9B%E5%BE%85%E6%97%A5%E5%95%86%E9%82%84%E4%BB%94%E7%B4%B0%E5%8F%AE%E5%9B%91%E3%80%8C%E7%99%BE%E5%80%8D%E5%A5%89%E9%82%84%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5468
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AFF9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENl1HIqkIIm4v9KXEySHQEU&google_cver=1&google_push=AXcoOmTbfrDykLvbl96rFKTnIAI067eXk_0RoIUh6cwHG5823fOVHc7mI4sU1pD_lzHLmMyQpbqUkq3RjkexaEacwSrQx9xOJgM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC90A40E437D411EBE6188384A13407E&google_push=AXcoOmTbfrDykLvbl96rFKTnIAI067eXk_0RoIUh6cwHG5823fOVHc7mI4sU1pD_lzHLmMyQpbqUkq3RjkexaEa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC90A40E437D411EBE6188384A13407E&google_push=AXcoOmTbfrDykLvbl96rFKTnIAI067eXk_0RoIUh6cwHG5823fOVHc7mI4sU1pD_lzHLmMyQpbqUkq3RjkexaEacwSrQx9xOJgM
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 15 Nov 2023 10:57:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC90A40E437D411EBE6188384A13407E&google_push=AXcoOmTbfrDykLvbl96rFKTnIAI067eXk_0RoIUh6cwHG5823fOVHc7mI4sU1pD_lzHLmMyQpbqUkq3RjkexaEacwSrQx9xOJgM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 14 Nov 2023 10:57:24 GMT
pixel
cm.g.doubleclick.net/ Frame AFF9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kvGJxUStQGacuXsMsoRQWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kvGJxUStQGacuXsMsoRQWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQUM1REHXXnGg1N7xH5SJop3z8UFD3XpZur2JAQmauyVaYY6cvx4BU3ibKiDTVc8CBk-Yf3VSFo3cEhg3q9f9NHjO8gjW4
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kvGJxUStQGacuXsMsoRQWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQUM1REHXXnGg1N7xH5SJop3z8UFD3XpZur2JAQmauyVaYY6cvx4BU3ibKiDTVc8CBk-Yf3VSFo3cEhg3q9f9NHjO8gjW4
date
Wed, 15 Nov 2023 10:57:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AFF9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKdO55vIlxfI_-lAtABTEtI&google_cver=1&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmwg_GncLGBNv95-P4je579Mkhu1yRX0h16WX7Z0M6zdA
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmwg_GncLGBNv95-P4je579Mkhu1yRX0h16WX7Z0M6zdA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzA3NTI4Mjk1OTcyMjIzOTY3NQ%3D%3D&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzA3NTI4Mjk1OTcyMjIzOTY3NQ%3D%3D&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmwg_GncLGBNv95-P4je579Mkhu1yRX0h16WX7Z0M6zdA
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzA3NTI4Mjk1OTcyMjIzOTY3NQ%3D%3D&google_push=AXcoOmRbBu_7tc10ldPS-uoCKwTXrGbMiSvc-t8M7axM0wYsy4jjqxmwg_GncLGBNv95-P4je579Mkhu1yRX0h16WX7Z0M6zdA
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pub
cs.chocolateplatform.com/ Frame AFF9 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFHtm3NLMGm8aujvSdSbOVs&google_cver=1&google_push=AXcoOmR7WUmJA2D9zHRhpsl3bTNzmzklLi87waG6RCATlyCBeSgG_GgYQqb2J1xK-1XutwnBjvM_kuLWvWXtQrI0QIHzZmX45kA
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Nov 2023 10:57:23 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame AFF9
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQ1J9hGnIda6AN65hZ-OF2mcIrljfe0vYTmnfIftvc3kp4gI0mgnpbON3sNPOJqQzz5Cia9kT4MB_NgE2dcYRNxw_E9T3_H&google_gid=CAESEM8BuvCKwDAkP...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVZGQ4ZDgzMDM4ZjI5NGRmNmFjYmY0MWVlNTIyYTNiNGY&google_nid=opera_norway_as&google_push=AXcoOmQ1J9hG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVZGQ4ZDgzMDM4ZjI5NGRmNmFjYmY0MWVlNTIyYTNiNGY&google_nid=opera_norway_as&google_push=AXcoOmQ1J9hGnIda6AN65hZ-OF2mcIrljfe0vYTmnfIftvc3kp4gI0mgnpbON3sNPOJqQzz5Cia9kT4MB_NgE2dcYRNxw_E9T3_H
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM8BuvCKwDAkPOWGufFqVEE&google_hm=T1BVZGQ4ZDgzMDM4ZjI5NGRmNmFjYmY0MWVlNTIyYTNiNGY&google_nid=opera_norway_as&google_push=AXcoOmQ1J9hGnIda6AN65hZ-OF2mcIrljfe0vYTmnfIftvc3kp4gI0mgnpbON3sNPOJqQzz5Cia9kT4MB_NgE2dcYRNxw_E9T3_H
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
324
expires
Mon, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame AFF9
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK_pMkAdwB8J...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWYxYTgzZGMtMzM0Ni00MGI3LWIwOTEtZWViMGI2OTljNDU2&google_push=AXcoOmTp8qvj--pVjCJXrFcV5ZBCWV6Genzgb__t3QqbFmIKOdZ6Tsx1JkZ7ZtcP3f5HH...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 15 Nov 2023 10:57:24 GMT
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AFF9
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF3XiuTf5...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF3...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b0448ec-d5e2-415e-a5d4-664128ef3abf&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b0448ec-d5e2-415e-a5d4-664128ef3abf&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b0448ec-d5e2-415e-a5d4-664128ef3abf&%%GOOGLE_PUSH_PAIR%%
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame AFF9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Irwkak5zRPBgwJCD4L2UPI2j0jxnpnwE4JxDhetOvXQ23SuGXhImwdnDgIodTIQgzIsHxTFOji
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBED 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2387
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:17:37 GMT
expires
Thu, 14 Nov 2024 10:17:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7532 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e7012aca0d9517e024e88f327ce21e0c3fff97d8d56d15ef8cf7b47465a063c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-10RggJ3Yj3zSjnxce_l5Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-10RggJ3Yj3zSjnxce_l5Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:24 GMT
expires
Wed, 15 Nov 2023 10:57:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
viewability
hal900014.redintelligence.net/ Frame 409C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=43401500063257004438466012509014&a=f93e30cc&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:24 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 409C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 19:01:47
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
51673843f53a00beffdb2f63b2c01e4b
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Nov 2023 10:57:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 93FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1645423197550382&bg=!UlGlUR7NAAZxrfrxUa07ADQBe5WfODTdkew8NZgMDEBSX634sJ4Ryd97g7j3lAZbdcoAF4j3zXEzWIp-eBDhKAY1aWZXAgAAAbhSAAAAA2gBBwoATtGXXllAxi5bVwv0UQz9JhYwh7ZJgWtNTHBA1NoJly0gEC-XFSKjGgDobUHn7Xqmf8jRy_4O2i-2s9z9R3EUqsxV0XYpl1bskrcGLWtE4JkCw8pV6KU__Xx-k9qUsdXhKfJSl9D17YbSExRZtNNkl_neyDiWT5CASmpI8b3XHRaER-LIS4JMxkoChokmPQGGvGYbVEEqNBqQFu5zKGVGD-XUiRtA-ofSIHgTIKw_7qJnLM5udZm_NDlAwp48l836nfplAd5B8r7tMQ9vnPPLIX2LTS51A3G6JZAPY6Ff_bKXv_ejcj4xPnF5D5McvlafS2XuX7rHgy7lOezm7BRhiaFTdeG5EEz9pSVPhK5pahREBmxBg6OfJQPn9glR6bFwvgVCgqNlUxTkQKrNMfa-qQxt99X21YMByaKgcwz1WXkFrTMsq82i62X0k89yKyy_uANAGBalCF46H3RsAYfqT6aOi7_y1xInBAkgwxxWAgcc_ZhZwNhBIZ7NN8g4kzifYl03x7UNpYldIJ9G1EcCg_cBgEOnN-MmnPj-Fymr_VRuDaqn_9mE-XHp8mvJvs8X33ZVMXVzjjWsRUalWLEjFYZzD2NA1x_CcStUswWY36dEXsnx1Xu6pRAwNFON9XaFOcxWRIAoojENWCyYFguZ0nynhHBVgGVc_w2w9ncfAcrqPLrJ1H2Jw80IdUXR5NZ7j4L0zfhYkUFGQqzx4Ag12Uss8cEzoGexpfR5dPFiSRF7gyhQBXIMC4A_j_AXE-UbZWmHMwSjcjfOrOWOug5nHSBN7ST_FrVoVc-NT_3tjIGYGWE9BaX-I22tmffzrfNl2F1gjHGXv2dImN_Y5r1xQDfdGFgZ8dMcbshYAKrN_IZnWuw8XZFoslO-RZSDngoLWFTfwYstHAoXAGfUAX0kCpR16uxbUPvMnJq0swwWGhiFmb4njMAWv7osStx1e5ASn5Ml0oz3hFtNb2evsWWMMhzJJrRvn9fhSOZphDFaaDg1kRzrcvYDGFUrQrvNKK3iwh-h3lyr7ZLHJCWMYWBqOF7R9VPc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-164
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
dbed5626fe6f99bf844b3255884b6e65
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5141 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuVBBEqRUZfvpNoSXx_APpMqPuA8AAAAAOAHgBAI&bg=!LC-lL2DNAAZxrfrxUa07ADQBe5WfOCfQnM1qVsAKu48zC_hgR1FMRse4EqfEDB2hle1Lo5PvmwP0UMi9fv9LM6Cs4D_NAgAAAutSAAAABmgBB5kC_eQ5PGdZQ2BYAqpaDUiJ1Ewk3h6jr3Bm7NDw5gqX0ZCW_qWc0h2rURuA5QiaNV0UEd0rPqlSw_ap9G2AKnIDpI8ktCuwi2O-36FePPrw9QoJHGuJubyCoIRxsshfu0Rc00JpFlGy_oVhv2l1Yo4kE12nyy1F-NFnA9IMAfjorhno6ypEmLdwbrglTUZ3JM7yu_qvjmncUPf14QmuSfoG40pflPXvaS34VukxbY3ZFVoJvEWca-w_UfV2cWbAGgz4iX_oqXelOQEMr4S32LlXt_0WEyB7PuNJdlC1p0suH0evzjyK7ZLOSu171JkWIv-IKkknVGLhUVj_y4--RT5qBiSP72zR_qD0oV15r2m52CRi02yJFV58z_N_Od3x3hNt9o72bLreQbfkfseweW4FGf7Qb6KHuE5YebOmMU4xpWZC7_aBms0rrW7nF-dANs5iLIuX7YpcqSmQfZzuduvYBulPety0eaQqXuG74l9D3Zd3rgtQn9Xii72amINnQJw4lQpc-KLdt6Jh9In9d1QfHuOgkfS0t4pTBtXma-0Y7IxurddVLlq89p5ns3VW2y7O_z22Vj31Gy1z6RevZHMMxAgZaxCJ7hI8dIp9u-urZBcQPefrcTy2xoW75cBTOY_uFSNwbtqiPht7FCbyJUu20o4cTPZCeEJAgmbzam3QMUilRVSQ9jAuXYZXoVyhXBDz0o_ZpUP8lpVZP1IMh96BIIGYFxcc3X1D4YAT3wVN-vFcBRpET-NsobAJ2vt2PFcYOqsnDWT04_gXgPyCsyfWZuuLd_9Gn_SM5Y6iiy-LL-FYoYcTBzuZQur59cNzh0tUjoFtNKLaH37l79yXvDsZKiZAd2yLt9AqRLhaaG6k3YVHeUo-NA3mQHBYqrxjxNXyscMPhivhpO_lPOUkLpqYvpg0ED0JziU_2qnx81ytnW4OP6-_pfYa64p9umkEgiIF9n3shjvpVykmeEE-zYJL4ZdwDvQLGN8XANxhcY-GOInGxWievjXOPv01I_96xw
Requested by
Host: 95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
URL: https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7532 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2860807841741990&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame FBED 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 09:55:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
3698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 09:55:46 GMT
inview.20190130.min.js
js.genieessp.com/j/ Frame FF08 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/inview.20190130.min.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Feb 2019 06:15:01 GMT
server
nginx
etag
W/"5c650765-13cd"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Thu, 14 Nov 2024 10:57:24 GMT
jstag
genieeintl-d.openx.net/w/1.0/ Frame FF08 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/jstag
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9af30e690a73d34016294ddd4d83805936b17ceb227df40f4efc6eab00cfc761

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18067
expires
Wed, 15 Nov 2023 11:57:24 GMT
gl3
ialaddin.genieesspv.jp/yie/ld/ Frame FF08 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/gl3?zid=1551001&asid=11030163&idx=0&cb=80468bf533&l=DTb82tEKhtApkk90Op-_fW0BuGDWqZ9Y7p55h2elb2LA0j76S2iyOWC-TLqtynPu4IZWagpMoIMHIAP6ugNXNiF4JKY1wPlpbCqBGKDmKVOI5gJQZ2MhsuykMPOnRc6WRpVC65kR77vskLm9_PskxZSiADXby3KFrAet5_SwDPtpNon0LNqurj3C9rMr2qxVtO6RtANsiouTnj95XktX7in-vR8D-QjsewrkfpytoRn24fintAh_0HG3Jl-PQLyA-qmxp_C1-3j3ECQDxv1AnBUW6TsBzojKYAkDVWT9tk9SMClz48zuiXRFfrk27WXpTRwshc4hpli3xR74Sfk4n9gKy9hYyPviJiO_Tkix9JiPGur6DVBMxz2bczqEj74LQ2W-b1qynoJx9RNtWTmqWYuNrm5vQr4fp0H__C2VjlD9EHt7Fyv9TEbLwssGyuF1JhA_IYGXrxeMr1RmbeUGuU2my1B71FlYRypPFQL2N70YSmVGTqo8RF_0ePQ_qWdjuiqcELpDCKO0kbjnWslL3F2Xc-bYeVS7Nfb0xLTlPS1ZiIsYHz3ybmuArBZZz0iss5SzG_I-8xTJ_T-jfzsWTw-wJrE1rMVNnL51QJXKE3oGJ9prL9et3niofaGS2syMyqR8KkQNF2OEZQuXl6whv9ub-bxdRCU16xtey0IxcdAudzSVSlZb5EPVpAt082EVGeoUdx5HQGJgAyzXCijKlzUvteC1CzFZs0P3s1YaxP-OneuIHq3DsQ_a7fQv7a4NbiAxV9si61pq361v8UCczZLzURyjLqVeCoH7Lr0Vzy275I3h-k-uN7sW4bVB7jTB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
cs
cs.gssprt.jp/yie/ld/ Frame FF08
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=2
  • https://rt.gsspat.jp/lcs?lamp_sc=aladdin
  • https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=da3c39d4fd467e57b379474c57cbae3e
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=da3c39d4fd467e57b379474c57cbae3e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=da3c39d4fd467e57b379474c57cbae3e
date
Wed, 15 Nov 2023 10:57:25 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
acs
ialaddin.genieesspv.jp/yie/ld/ Frame FF08
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=yeahtargeter&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA64RrwaWF365zJwabTMp2E48p7lpsjRsbm9aTkLLvTXuHYMcELK16y6FTmPW4Hwcdg&format=gif
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA64RrwaWF365zJwabTMp2E48p7lpsjRsbm9aTkLLvTXuHYMcELK16y6FTmPW4Hwcdg&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 15 Nov 2023 10:57:25 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=yeahtargeter&v=y8dVQGccMh9dJPpW0SybA64RrwaWF365zJwabTMp2E48p7lpsjRsbm9aTkLLvTXuHYMcELK16y6FTmPW4Hwcdg&format=gif
date
Wed, 15 Nov 2023 10:57:24 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
acs
ialaddin.genieesspv.jp/yie/ld/ Frame FF08
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=2
  • https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyTTVNbEs2P6c5jQdLOQAoNlWsbZD9Y1Zvd9rBjHnG4z_nOuVrzu5k8fVnFJQl4mLA&format=gif
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyTTVNbEs2P6c5jQdLOQAoNlWsbZD9Y1Zvd9rBjHnG4z_nOuVrzu5k8fVnFJQl4mLA&format=gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 15 Nov 2023 10:57:25 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
43
p3p
CUR ADM OUR NOR STA NID

Redirect headers

location
https://ialaddin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybAyTTVNbEs2P6c5jQdLOQAoNlWsbZD9Y1Zvd9rBjHnG4z_nOuVrzu5k8fVnFJQl4mLA&format=gif
date
Wed, 15 Nov 2023 10:57:24 GMT
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
server
nginx
p3p
CUR ADM OUR NOR STA NID
cs
cs.gssprt.jp/yie/ld/ Frame FF08
Redirect Chain
  • https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=appier&format=gif&vid=2
  • https://g.c.appier.net/ge
  • https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=Gi1SbHcCAei4bY3QFaRUZQ
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=Gi1SbHcCAei4bY3QFaRUZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Server
133.186.12.14 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p014.net133186012.broadline.ne.jp
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 15 Nov 2023 10:57:25 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.gssprt.jp/yie/ld/cs?dspid=appier&uid=Gi1SbHcCAei4bY3QFaRUZQ
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
97
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:24 GMT
x-amz-request-id
HHY0NQ91R65HT3D9
age
2277
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
1aLLj3wTF6Hb4QpDejMBZ+IhqWdnyRRAZC3aa69irK3RgvzcwGvLjH/ZFc60e1UY4gUBo215H64=
x-served-by
cache-mxp6923-MXP
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700045844.300378,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
24
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4576
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 15 Nov 2023 10:57:24 GMT
x-amz-request-id
A6XD77SS1CMDSM72
age
12505
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
FSxV+8Hpz/6WkleYz3xquIzHKjbgxOmYAfNkOGLdUSjKradKSM07FyoFtz+tnbwAd2b/26VZ5MQ=
x-served-by
cache-mxp6923-MXP
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700045844.300492,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
35
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2223
gen_204
pagead2.googlesyndication.com/pagead/ Frame 080D 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BETm_EqRUZb3WNpaGjuwPuaWskAsAAAAAOAHgBAI&bg=!yMuly4TNAAZxrfrxUa07ADQBe5WfOGuBBXV2JwmMvDB-MJumYq1rQ0I5kX8whITuJEIzTev_BhFMaVeKeUVPrgie_nY4AgAAApVSAAAABmgBB5kDHlKqtL06Qy1EVijl21djpfXh9MkfNS0ibOrU80LXMucmJHCojndPAympS6roYegeBqQRkknG5lzmznWPyrB_mim1RpxTUkJcdA45c3dFo0ivNryfoalulDR4CtN-NWzKzL_vDIBFRCOb0yFv6dgh4rqLN7fHTJ7WTkgI-6xbzTqbleV1cMyQZkRrFdjdq-3A-KVWoSHvxjorBTIsXTUJlQI0U0B1ibj5DKqn0jKG947faubCTgnmfcoEoX6Xd3iehWIgsasMbyWNWi9H_lYkBmhiFD9DjlqCB9jxgivufgEzRBSm8w45v9ckNpdpE0HbRAf10Ne8i7u92zShdKhpVWfnPP14DUz66fuBF3jQdbwR7UyEVd38zT-OVqyDwsgNPuOBtRFeDYn_a227OfFTRzrKx44eOm6t6E1xRY0Wcl8P2vn9GDBTW9PsYZ7IhhTGtCZY5OeDyGJOcGi_yGhj1nTBWJ21FFaYJZsojnN90IOjVs-_2J8FSJG4ECjoNdSd5r6D0wtVYSpYW6yJj3qeZofrO4BAewia8snPYcsfY6nvY_p3Kl2jYdrSNM2f_Nl07rxYBlaGd6EXLs3k9DGxPiNCJQRN4RTkj2_hPBl0XBaFyf3qbqsctP1oCv51droNwk_2ZYvFfcJl7xqYhxHKNOjdX30uRn4kx6MrDHEwvmh-zizfc6nU1wbwBLjOFLgeOuB4KpTi5zjMvcBVqJBwK4VCuSm1vR-BUqjNDoh0JXhY08pt2tJyA557ipgz3iW51dzeD73NfC3U0cRRm6WlqweyMHWFyDC_agz11O7qiwX1RpWTdCHL5VbaMjmj09zXFGhvu0jQ74PZRJtTvY8YWB9k69PAHMJAN5sC7JSDrza3SS4YHYWZUShZsvYT7FC3u9qAemG9lTBfTybrITe6pZwaEQqFpaWm4_GADt8-kLnuXcjOOrapxdh2M6QRjgnUxpOMsmEhReWkDypqWtDwVw97tLKPa2Zu-eJoCJ_DhtL1GeZ8eAgbYFYn99Pt9US6dpQZp1aoqdEbDUMemVivrfhVGppF1vmgMPNrthNV4A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Nov 2023 10:57:24 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6976-MXP
date
Wed, 15 Nov 2023 10:57:24 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
no-store
server
nginx
acj
genieeintl-d.openx.net/w/1.0/ Frame FF08
Redirect Chain
  • https://genieeintl-d.openx.net/w/1.0/acj?ai=aa1bac58-7ee0-4efd-9836-3cf023571424&o=2374108293&callback=OX_2374108293&ju=https%3A//www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-r...
  • https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=aa1bac58-7ee0-4efd-9836-3cf023571424&o=2374108293&callback=OX_2374108293&ju=https%3A//www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-...
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=aa1bac58-7ee0-4efd-9836-3cf023571424&o=2374108293&callback=OX_2374108293&ju=https%3A//www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ecd767f96a6509b82fe17e2d7d2c24ff35183e0a068101eb0560bf94f6d6248a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2332
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://genieeintl-d.openx.net/w/1.0/acj?cc=1&ai=aa1bac58-7ee0-4efd-9836-3cf023571424&o=2374108293&callback=OX_2374108293&ju=https%3A//www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&jr=&auid=559782852&aus=300x250&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=0x0&ifr=1&tws=1600x1200&mt=1
date
Wed, 15 Nov 2023 10:57:24 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
generate_204
tpc.googlesyndication.com/ Frame FBED 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DfWs4Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-51
cdn-cachedat
10/31/2023 18:48:10
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ae4be3d69e98551c0874db381b60d764
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
98d88b36d766a8925a4d066d50df3321
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
321 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
1973c22c4459ad24aa1c87fdf8f0caf1
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
AAABi9Kg8EVhxUWjyAZ7B5YneNnTIdkxGxo7WQ
pn.ybp.yahoo.com/ab/secure/true/imp/uatQZuSlietNNAOXohpJhWXhwrDQLl5_I71pc3SNuuZ5cGmqHKsruG-HrV8u8TOmBP2Le3gCU7DqNN8vBNH8PmfGnKrP6e9lUeA0yF92e7k8JD8H1_DiZzdp9P2UldJGoEM7FkP4wwzxsaONIdw7wg-sqi9lyccIW... Frame CDD4 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/uatQZuSlietNNAOXohpJhWXhwrDQLl5_I71pc3SNuuZ5cGmqHKsruG-HrV8u8TOmBP2Le3gCU7DqNN8vBNH8PmfGnKrP6e9lUeA0yF92e7k8JD8H1_DiZzdp9P2UldJGoEM7FkP4wwzxsaONIdw7wg-sqi9lyccIWw-OVsBQfFJNlvLFS_PoJFHDYEcYs6HFppJB9tBs1zpTKjBrba8zhxXaY2uZGgTr5ndW2byWZ0QrliyEx5PVoBQmF1aRRmlQj-eKTSEH0h0MRxGpcJh2Fp9FmwXqPDtUIDdtjksVr1O1vLL9KGHqmld9O0DO4lZhzbqD1huscqo_JPiFDy1go1k6K2aAlG0Kt9RKwApimceQJauXWjbMX0s3XaY_lWVqwgq4erspQuEdl42no0V0LiNuZTTGuFLTRjHRg-TCaOBg0BpUR-MFAKgaxOcESnKxv9xHxYUCCuOcmRYuMnNb6XIIOnmbHndD9fl_03gz3MA5YKshCZBKfKRWadPyzJJ-itBG5qOfoKMJH_QtNljFgb47CIKNyvIvEwtB58t-Pxnsv9un_OlaDG-j7ZJTA3QiumxrIGytkNNuGg1wxVfo5jXiJ8lcAnKzB6Hx_1BQq1W9Oo6omyGoe8xrtqHu5EdPCFRVN0IrfSKqolGzjNxYwmaGUThohg4Fu8tu5_yoqLa68rlFc8vWNwdgdcRdCqOPePgFuR0xDhzwSh659L7xzamziyc7-SvHCzcCRj4OISpb_ObrTo7lbox0ndBfcuFkr_efcUSFbO8P1snumC_cWzdojcJ3JWTyAMkFwTgYWtxSVRoutBrJyGsAFqiIzdOZm1KN11AsiNCVP8iuHp8ibU21uIhlJuB2R7PfPo7-4ongEW3mI_9sBBeSN0Sy0RmXb5S6El8EKe9zGcSwU9vYoOi1sezbXep0BEli9VUTa_y-vPzUeAPlC65rxxOhim7Ib782yJ5dGPoPidIwfZiDVJ_7yN30aQ8Rd3-ugy39naNhs9fX1ubJKxD0943alEuOY4H0andNpxfuVMblHN5LywW4HBGIR0TXzKzUEzktxZddTL4v0xY5uG6HcZP1hoYCG7ur6BVSj7wR33o7rGLAnyiTBvD1bbuFsgvFFJqvCDUkLpkdCL9ivacFJrZDjeyX9v4S6lHygRIUR7ahni6Pgbv8oTGS-0Qzu7LJ5BTAh0mX_WFqWgvcNnYRF7JOrvhG3ws7OSU7GjUspIxT39ygdfGfUMnDVHHXQPx7csLI8bmk5Juet9CVGP5hcmML3GLeGOm2L4C2PkX-QA6OU-noGUusQ_opDGZ39_QB4V4oOOI-4vbObyr6dkyXrId8C6pbk5oGfyb1DejnwFCNFVs9DceBsTQ6704wT6UxAk_Yo7nw1KkDkxYNAuiqIw7ZPtPrjDBaJjWsObEm4R5OpDB5gXLXsrV-0t37vwRswHteyDQwWknDRxJ0ykmwFvLeQjYeWhvQiffnvjUL9ugRPMPDtqBQR9II1g6zVg8RLUoH98GH9RH7a5rFMrW_zYQZKxoUjUaU0QBPG4d_OYZewhYY3uGw4__X7iB8t8sK0XMa2BE/wp/AAABi9Kg8EVhxUWjyAZ7B5YneNnTIdkxGxo7WQ
Requested by
Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e6f3de9fa7f484b6266e4a1d211d0d0bc1ef09c1b5efed523417888eb2ade51a
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
3296
x-xss-protection
1; mode=block
ri
ox-delivery-prod-europe-west4.openx.net/w/1.0/ Frame CDD4 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-delivery-prod-europe-west4.openx.net/w/1.0/ri?ph=a0527399-465a-45da-a1aa-d06dd857c10d&ts=2DAABBgABAAECAAIBAAsAAgAAAbMcGApXUmV0QjYzdUZLHBbj2-W9x9Sts20W5ZK3vs__uoOiAQAcFsnO_Z7ly6exyAEW8bSzr6TOlJmDAQAWqJCl1QwVAhEoJDE3MmQzNjkyLThkYTktMGYxNC0wOTQ4LWYyMDI3NzQ0NjA0Y0kMACwcFQIAHBUCABwVAgAAHCaI7-yVBBUEFQQmhO_slQQWyoWhgAQlAhUCpigWKBYoFigWKBYoFigWKAAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABaq2piABBb8wZuABBbqwraDBBaWwraDBBUYHBT0AxTYBAAVBCYoFigWKhE1DiYqNAIALCwW1fjFx_Gq_9QgFq-FpP2Pzej9ugEAFqiQpdUMBiiq2piABBb8wZuABBaWwraDBBbqwraDBBgHNjY3NzI2NRbMfxYqJQQWABgENjA0OBUEoSgHY2NpLXNlYQx6FPgDFNoEABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQEdHJ1ZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgGc2JiLmNoAAAA
Requested by
Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.196.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
122.196.102.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-661
cdn-cachedat
10/31/2023 19:00:04
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
dbbdb23ffe80709d8486f095eeb6fa22
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-664
cdn-cachedat
10/31/2023 18:58:48
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d38c167e0bd40ccede3e429c61d094fc
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ypd_assemble_html5_ad_v2.js
s.yimg.com/ch/html5/ Frame CDD4 		1 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/uatQZuSlietNNAOXohpJhWXhwrDQLl5_I71pc3SNuuZ5cGmqHKsruG-HrV8u8TOmBP2Le3gCU7DqNN8vBNH8PmfGnKrP6e9lUeA0yF92e7k8JD8H1_DiZzdp9P2UldJGoEM7FkP4wwzxsaONIdw7wg-sqi9lyccIWw-OVsBQfFJNlvLFS_PoJFHDYEcYs6HFppJB9tBs1zpTKjBrba8zhxXaY2uZGgTr5ndW2byWZ0QrliyEx5PVoBQmF1aRRmlQj-eKTSEH0h0MRxGpcJh2Fp9FmwXqPDtUIDdtjksVr1O1vLL9KGHqmld9O0DO4lZhzbqD1huscqo_JPiFDy1go1k6K2aAlG0Kt9RKwApimceQJauXWjbMX0s3XaY_lWVqwgq4erspQuEdl42no0V0LiNuZTTGuFLTRjHRg-TCaOBg0BpUR-MFAKgaxOcESnKxv9xHxYUCCuOcmRYuMnNb6XIIOnmbHndD9fl_03gz3MA5YKshCZBKfKRWadPyzJJ-itBG5qOfoKMJH_QtNljFgb47CIKNyvIvEwtB58t-Pxnsv9un_OlaDG-j7ZJTA3QiumxrIGytkNNuGg1wxVfo5jXiJ8lcAnKzB6Hx_1BQq1W9Oo6omyGoe8xrtqHu5EdPCFRVN0IrfSKqolGzjNxYwmaGUThohg4Fu8tu5_yoqLa68rlFc8vWNwdgdcRdCqOPePgFuR0xDhzwSh659L7xzamziyc7-SvHCzcCRj4OISpb_ObrTo7lbox0ndBfcuFkr_efcUSFbO8P1snumC_cWzdojcJ3JWTyAMkFwTgYWtxSVRoutBrJyGsAFqiIzdOZm1KN11AsiNCVP8iuHp8ibU21uIhlJuB2R7PfPo7-4ongEW3mI_9sBBeSN0Sy0RmXb5S6El8EKe9zGcSwU9vYoOi1sezbXep0BEli9VUTa_y-vPzUeAPlC65rxxOhim7Ib782yJ5dGPoPidIwfZiDVJ_7yN30aQ8Rd3-ugy39naNhs9fX1ubJKxD0943alEuOY4H0andNpxfuVMblHN5LywW4HBGIR0TXzKzUEzktxZddTL4v0xY5uG6HcZP1hoYCG7ur6BVSj7wR33o7rGLAnyiTBvD1bbuFsgvFFJqvCDUkLpkdCL9ivacFJrZDjeyX9v4S6lHygRIUR7ahni6Pgbv8oTGS-0Qzu7LJ5BTAh0mX_WFqWgvcNnYRF7JOrvhG3ws7OSU7GjUspIxT39ygdfGfUMnDVHHXQPx7csLI8bmk5Juet9CVGP5hcmML3GLeGOm2L4C2PkX-QA6OU-noGUusQ_opDGZ39_QB4V4oOOI-4vbObyr6dkyXrId8C6pbk5oGfyb1DejnwFCNFVs9DceBsTQ6704wT6UxAk_Yo7nw1KkDkxYNAuiqIw7ZPtPrjDBaJjWsObEm4R5OpDB5gXLXsrV-0t37vwRswHteyDQwWknDRxJ0ykmwFvLeQjYeWhvQiffnvjUL9ugRPMPDtqBQR9II1g6zVg8RLUoH98GH9RH7a5rFMrW_zYQZKxoUjUaU0QBPG4d_OYZewhYY3uGw4__X7iB8t8sK0XMa2BE/wp/AAABi9Kg8EVhxUWjyAZ7B5YneNnTIdkxGxo7WQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:54:01 GMT
x-amz-version-id
null
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
9R6EY16N1APAVF4J
age
204
x-amz-server-side-encryption
AES256
x-amz-id-2
ifMTapEwUt3dD3db0HmKeuLzLA+1gIdsL9j7wWr9G+vb9mTFPkjMCynMl+KWXUswrOeQ7OPrScg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Apr 2020 21:31:50 GMT
server
ATS
etag
"4e35383cafebd24c53a0b609c80aa6e9-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
inside.js
cdn.js7k.com/rq/iv/ Frame CDD4 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/uatQZuSlietNNAOXohpJhWXhwrDQLl5_I71pc3SNuuZ5cGmqHKsruG-HrV8u8TOmBP2Le3gCU7DqNN8vBNH8PmfGnKrP6e9lUeA0yF92e7k8JD8H1_DiZzdp9P2UldJGoEM7FkP4wwzxsaONIdw7wg-sqi9lyccIWw-OVsBQfFJNlvLFS_PoJFHDYEcYs6HFppJB9tBs1zpTKjBrba8zhxXaY2uZGgTr5ndW2byWZ0QrliyEx5PVoBQmF1aRRmlQj-eKTSEH0h0MRxGpcJh2Fp9FmwXqPDtUIDdtjksVr1O1vLL9KGHqmld9O0DO4lZhzbqD1huscqo_JPiFDy1go1k6K2aAlG0Kt9RKwApimceQJauXWjbMX0s3XaY_lWVqwgq4erspQuEdl42no0V0LiNuZTTGuFLTRjHRg-TCaOBg0BpUR-MFAKgaxOcESnKxv9xHxYUCCuOcmRYuMnNb6XIIOnmbHndD9fl_03gz3MA5YKshCZBKfKRWadPyzJJ-itBG5qOfoKMJH_QtNljFgb47CIKNyvIvEwtB58t-Pxnsv9un_OlaDG-j7ZJTA3QiumxrIGytkNNuGg1wxVfo5jXiJ8lcAnKzB6Hx_1BQq1W9Oo6omyGoe8xrtqHu5EdPCFRVN0IrfSKqolGzjNxYwmaGUThohg4Fu8tu5_yoqLa68rlFc8vWNwdgdcRdCqOPePgFuR0xDhzwSh659L7xzamziyc7-SvHCzcCRj4OISpb_ObrTo7lbox0ndBfcuFkr_efcUSFbO8P1snumC_cWzdojcJ3JWTyAMkFwTgYWtxSVRoutBrJyGsAFqiIzdOZm1KN11AsiNCVP8iuHp8ibU21uIhlJuB2R7PfPo7-4ongEW3mI_9sBBeSN0Sy0RmXb5S6El8EKe9zGcSwU9vYoOi1sezbXep0BEli9VUTa_y-vPzUeAPlC65rxxOhim7Ib782yJ5dGPoPidIwfZiDVJ_7yN30aQ8Rd3-ugy39naNhs9fX1ubJKxD0943alEuOY4H0andNpxfuVMblHN5LywW4HBGIR0TXzKzUEzktxZddTL4v0xY5uG6HcZP1hoYCG7ur6BVSj7wR33o7rGLAnyiTBvD1bbuFsgvFFJqvCDUkLpkdCL9ivacFJrZDjeyX9v4S6lHygRIUR7ahni6Pgbv8oTGS-0Qzu7LJ5BTAh0mX_WFqWgvcNnYRF7JOrvhG3ws7OSU7GjUspIxT39ygdfGfUMnDVHHXQPx7csLI8bmk5Juet9CVGP5hcmML3GLeGOm2L4C2PkX-QA6OU-noGUusQ_opDGZ39_QB4V4oOOI-4vbObyr6dkyXrId8C6pbk5oGfyb1DejnwFCNFVs9DceBsTQ6704wT6UxAk_Yo7nw1KkDkxYNAuiqIw7ZPtPrjDBaJjWsObEm4R5OpDB5gXLXsrV-0t37vwRswHteyDQwWknDRxJ0ykmwFvLeQjYeWhvQiffnvjUL9ugRPMPDtqBQR9II1g6zVg8RLUoH98GH9RH7a5rFMrW_zYQZKxoUjUaU0QBPG4d_OYZewhYY3uGw4__X7iB8t8sK0XMa2BE/wp/AAABi9Kg8EVhxUWjyAZ7B5YneNnTIdkxGxo7WQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
RM2HMG2020KBEYPX
age
12096
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
eee/Das9iSOkdYv+z+30l3Jngr4QegrZXMdFAF4+3kB4OnzffP1qVK9s+ucKYsEx8vOoObOjgG8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
activeview
pagead2.googlesyndication.com/pcs/ Frame 2823 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5TL-I1pDJdBV78YnIptNpVSuAmvHrmEeW0sMdTUFv4neb16cLTLqOjqoDF-O1zcJoLlCpe_yLW5GeBWmaMFFei1pnTa-Q-t0_C0f-Gp3dRyaygrixJK1vpS-4DAbX&sai=AMfl-YT8NWE8YcCAxQ2Wa1cc9vtzS8KrZK2pLIbRjOfVwpNOFhVy7V0JPv4Efv0WbL5dkfpJvxEiXbY9E5FJ2LIY04b3-Q7nNZNdjb1qdm8Cve8oyzyPWUNvqnZmDFD_hgZXP_w4NoPINkI&sig=Cg0ArKJSzNI1iwPvQoCoEAE&cid=CAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB&id=lidar2&mcvt=1000&p=1110,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700045842595&rpt=1059&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ecba6cd5f692c7f7ccd2134ccc5d5276
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:58:42
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
2d4ce34c1a948d5a84184a24ca379318
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame 97B9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssB1JU93Dm3U3lAvVMpavWSZifiGd3k-IrNNyO7fQEUuNfwEx3KEzfC9HJ_mi7TrnxokuWR0ivCXr0Ci4-M4-IevOQM3PEc_T0mRB4CJozc9OLDKGvzev-KM7hnRqOr&sai=AMfl-YQHQvD44hmAQQx8uofRnJnWEcFZLLgDSmZL1IjD4LMk-DVyI9JUU4YKfcfrRKShnXD-t-4wGyFYPTrrFbmXRX8gd85XyPQ6xgl-Q1lPxHZ41iUUe0a_KYS43uepL2TGfs58CLoDYDw&sig=Cg0ArKJSzJzweRMf_DsAEAE&cid=CAQSPADICaaN9vcFgX6GlOms-B8iv2GhN-xRm-o-2i-dqoE5xA1AugyENhZ-WQKq1u8dCb7_h_ukwwgdDhW12RgB&id=lidar2&mcvt=1000&p=60,450,135,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700045842586&rpt=1174&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
27c63988-a5f0-44df-b25a-c9dbc3f89426.html
s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/ Frame D3F3 		98 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
dbd25ac4aa255b6b7c0c99b95f9a74d1eddd4168f29eb6ea15db37f6554a1717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
562
cache-control
max-age=15552000, public
content-encoding
gzip
content-type
text/html
date
Wed, 15 Nov 2023 10:48:04 GMT
etag
"c46a76dbeb5c23abef7bb306b38ea299-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified
Fri, 13 Oct 2023 15:44:46 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
vary
Origin, Accept-Encoding
x-amz-id-2
sQmsm50oGM8JaMBJO5CD2wLFDSM1CCeAf8+dcNAqmPOSBHzXNSySupbaC7tEgJVa8sJuI/6C1CpCrKXkJ6dgdkG7eEKcESLu
x-amz-request-id
R50D31CF2ZCR4G63
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-content-type-options
nosniff
x-xss-protection
1; mode=block
kv.jpg
s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/ Frame D3F3 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/kv.jpg
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
d09bd8e3d503bc79eb1482fff8be68b0005fedbc286b1e54ecc817af53bd7272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s.yimg.com/ch/html5/114daa11-0594-4e58-9683-e78ee779ccd9/27c63988-a5f0-44df-b25a-c9dbc3f89426.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 01:19:40 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
5Y959KR2EP5V89HH
age
2799466
x-amz-server-side-encryption
AES256
content-length
44497
x-amz-id-2
iaAoIi4WETaA3I4JKsjdLp+JiFiM4/uXI7YcmRSlzRAY40gHeV2ZT4rIRAPlBMcKSOHiNqX1Ehg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Oct 2023 15:44:46 GMT
server
ATS
etag
"f24cd071c3f7c3c312b46a8afb8a1842"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/jpeg
cache-control
max-age=15552000, public
accept-ranges
bytes
sodar
pagead2.googlesyndication.com/pagead/ Frame 5410 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2860807841741990&bg=!GxilGFfNAAZxrfrxUa07ADQBe5WfODsblyGGikV50N_3hFovIwwj3NaKreBlftutEY7LTRXhgfbqLGi6dcLRobjIrrwBAgAAAF9SAAAABGgBB5kCzAhd9ClDCqh0uO8kFJBmRbuaXXfvU5hDbqQNjY0kzUXngqLJyexHI1sL0inv1p1pEAbU1gttkqoL7n9HFt2V5qpco3PZmkLBD7cR14A-hocy0oaULp9SUoFJ3hyivRzvYHeUbvt75aEXfJxuTrioMGPeU9LpvGIcXjNr3siJWA0Fjf_8vc4bsn-nUyU7sh7tKUK4czrj-UA574bGCLQrlDuxLLoe9Q5xAgfRClzJyTd8YDw8fNj9QIv6WqIVKdM-_HCgF-ci2Ef_ldCiANFxTjpGU_KYBsYciVi-JSxL61itgARaKlkkh5MCWWrBVZaQ0pf8Csv4aRkwxorQA3MrFriuYJ3IZzMKSeRcA5MOdbTkdi1UDC1i1AyHzCR4RiItQFSkeWPgYvPvMzaRjnX6fCKlWJ0q0c_76K5qkZStP1ek6C0m-zDBXabMScAFhjPbuD_k_YuallJ0EEM1rh56Wa5ZgAfxrdTyf2kUKBc4cZWI6aqxrVe9LVKnTrqKDTk7fOHFF-Q1bM53mtV-uEGcHZHY18kfuUX3pkb75lCbibUpZt2nWtMTq23UxHHYXGbTcT03HiHy9HMLxmg5Ue4yS6dvXYxZ2e-Td1ji-e92XU1UgPnJnijC2_DjwX_cDCj0UZExntz8t3tqNWce38zNHlBj3C8_KKGsetQdHGcU7vCqv7_Pj34N5uY1clHHKWXrwpzcOD_eO1RwnHecodcp_dZEyw-mCfwGVKXXEwU2JPmNlHeGrMjrpYj9G2zTFLQxigluSE0MshxJ5zn2TCvfSYm--FW3p23hZHqELkNiTbRvpUFZ1Kx6QzwKRI68BpdOiQVsT1CDecjXS9yjiWhZ6TKV-oUxcm5bd_kfnF15u4a66xPY4O1rxsKsZE1heG83OWvlFONvwQvP4uOZNNx15-WK_2GwHOITKCqHJwzwlXpijUTVsdjlXOSvZ1wZ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 15 Nov 2023 10:57:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
212509
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
214975
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
079877db7d161d2fced74006492057b9b59d603c69cde3ae4469ef8ae096f1ca

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 15 Dec 2023 10:57:25 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame C232 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
487
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8266f9238ca801f4-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Wed, 15 Nov 2023 14:57:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame 268E 		653 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
81dea5c6f02ce4e6febb24b50891f472338a2b26b480fcdb8c31e02ed7b46907

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
416
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 3E8B 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700045841776
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame BF8A 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 15 Nov 2023 10:57:25 GMT
isyn
prebid.a-mo.net/ Frame AD87 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 15 Nov 2023 10:57:24 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame F72A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 15 Nov 2023 10:57:25 GMT
ETag
"623de86a-cf34"
Expires
Thu, 16 Nov 2023 10:57:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 90C3 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Nov 2023 10:57:25 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 4723 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22110
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 15 Nov 2023 04:48:56 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-id
25lP-f2-UwV63Ye0ADThGzBVw_sKNTpommaNICVK5hKBcfrHkGwgeA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 3436 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef6ca8dad8a63869fec190ce7949b92b367981f281677daf118b588e2313fb93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8530
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Fri, 17 Nov 2023 10:57:25 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
csync.smilewanted.com/ Frame D67F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f9236caf0e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 90C3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6330f30714835990abd39bca7dc7fd4c331adbdfc0a1c842903bf9f2d19810c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Nov 2023 16:28:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19876
Connection
keep-alive
Content-Length
13281
Expires
Wed, 15 Nov 2023 16:28:41 GMT
viewability
hal900015.redintelligence.net/ Frame D911 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=60543900066076204438446012509015&a=6faa0deb&vb=v
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60543900066076204438446012509015&a=71e68eb5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=60543900066076204438446012509015&a=71e68eb5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 268E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TVlzjBpYd4lWCneNGVRri0pfIo5WCX_cSAldnz9t
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TVlzjBpYd4lWCneNGVRri0pfIo5WCX_cSAldnz9t
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TVlzjBpYd4lWCneNGVRri0pfIo5WCX_cSAldnz9t
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 268E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1861992871520555189
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1861992871520555189
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1861992871520555189
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 268E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=9c5775b6-3884-8b19-9390-b87d7b509851
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SR4S5WNVADFNSTC85FQF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 268E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c48109cb-242e-30e3-539e-3aea136353b1&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 268E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZThlZWRhMDEtZWQ1OS02ZTQ3LTQ2N2UtNjA1M2Q5ODE5ZGQx
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 268E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOIDJhOlahXZsU5W4EOMZgI&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOIDJhOlahXZsU5W4EOMZgI&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOIDJhOlahXZsU5W4EOMZgI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 134E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10034b0b580689f51630a1c21a0e992ee7d85275e6ee509d519a8f5012f86657

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8266f923dec901e3-ZRH
content-encoding
br
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B8xqEdFAot7%2F847ZlCxqNp4woWYf77KPNfl0fwPxUuKANeR1DFLN5Zc45vDTThBUQOk4zxPbfI6BY5rnCMYzBxVOPMA3ClrkI4CdZGYjjjSDn1oZyZ4SRVk5CI68ThlV27eGVR1A6d%2FvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 811C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2058250bc2046edc59b1f94454fb634163ba03de01a875ac5d8570f48d394ce8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
etag
W/"0b1782f6072df60625de006124c0f163e"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 9F54 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 84D7 		843 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b1c6bb12efccc9573188c1b881ef825426e65f2d0a64b0d5808e0dbfc12b5207

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
843
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8DF9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e77151c7176e8a2cf5cddd979cc61ab2d0cdf95c1303a7267fa8b598a9f4c8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8266f9240f3b01e3-ZRH
content-encoding
br
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwMfPwO7jR1NfQD3tYg0%2FS%2BuW8dVf%2Bu5VeDlo0aIb3vJyvV0wqA%2B8I3l34oJbA%2FY8hmFOJNRKs%2BbxkteK7A1wWy%2B%2Bhjbc4BqYJOLj%2F428DDwcOnoxm9Cxd2hpT9axCFuBzTHtY3Wzpe6Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CC00
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Nov 2023 10:57:25 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 375C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18599
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Wed, 15 Nov 2023 16:07:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 1263 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d2fa3b8dea1c733629259cb9a7d06d6eaf9d23000bfd87a1b611ca40d7f38762

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-id
rOowY-LKSJlPuMyn--EyK1haTxAkpcW4PbXcVDVms1HDLudos9vZ7g==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 8303 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Wed, 15 Nov 2023 10:57:25 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 2E74 		557 B
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.83.246.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-246-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
3c636ea64ef9780d7e7d17bf1756cd6708d9a3e284544f265c1fc5ea234455b2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=7326357577168534038
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7326357577168534038
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
an-x-request-uuid
a098897c-9310-4bc7-b088-8ef15e33702f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7326357577168534038
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HqPRrRZHROA0Lw1SQ2iFNfcY
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HqPRrRZHROA0Lw1SQ2iFNfcY
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HqPRrRZHROA0Lw1SQ2iFNfcY
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 4723 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Nov 2023 10:57:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=7177849136
  • https://sync.1rx.io/usersync/turn/2438261541404852095?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX291bc5d9634c463ba87ba4799f32f8f1003
content-type
text/html
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5142336726325955581
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5142336726325955581
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5142336726325955581
Date
Wed, 15 Nov 2023 10:57:25 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=88b28cb9-490f-4de0-a502-23ebbbf43de1
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=88b28cb9-490f-4de0-a502-23ebbbf43de1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-94
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=88b28cb9-490f-4de0-a502-23ebbbf43de1
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif
us.shb-sync.com/ Frame 4723
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-012c6e6a-29df-3715-b451-0d83bd8b7c96&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...
0
0
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 4723 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.228.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-228-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
sync
ads.servenobid.com/ Frame 4723
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 15 Nov 2023 10:57:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 15 Nov 2023 10:57:25 GMT
362358.gif
idsync.rlcdn.com/ Frame 134E
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=5cfd6b5d6f63419e90811ed3658b5d56
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2438261541404852095
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e3492547-5570-4d85-8558-20a12cec997a
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=0e40bdaf-e27a-47fe-88db-537582e975e6%3A1700045846.2191541&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0e40bdaf-e27a-47fe-88db-537582e...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726325955581&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0e40bdaf-e27a-47fe-88...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=0e40bdaf-e27a-47fe-88db-537582e975e6%3A1700045846.2191541&_=1700045846.2223113
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjcwZTQwYmRhZi1lMjdhLTQ3ZmUtODhkYi01Mzc1ODJlOTc1ZTY6MTcwMDA0NTg0Ni4yMTkxNTQxEAAaDQiWyNKqBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHtaJowL63Yw3dX2jPRG9a4&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHtaJowL63Yw3dX2jPRG9a4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHtaJowL63Yw3dX2jPRG9a4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 134E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 134E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C1VD60MG4ZGJCCTDED9B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 134E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UB7r%2BYBXFKMo3OJSn9IWjP6Nvpv81YTVe%2FCzxF79Bi1gOhRNxwyzu8Db90eEQJE%2F4O13Uc4BTzh4twv7sebZUv5IL3y%2FNtpd%2Bwpsa5se9djvxMmyLmchqumCUsJd4CkIhl4oN2dpfC7LvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f924881601e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIjTKAkPHY5mIfykROJkXRk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 134E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715770645&external_user_id=05234b0e-250a-4b5e-a4e3-4d9868ce08dd
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715770645&external_user_id=05234b0e-250a-4b5e-a4e3-4d9868ce08dd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMB78o4QTK8JP6gfbmHuGjVQjw%2F7HhbziLWtptyukUUZOVrC0UQXGXcdc63YxBgeneQK%2BJGlCS6gH4Co1dfXpa59zyGLECZSPlhg2mNEUCy4l1KtuiZxHHAP%2BZ4tHAlP85g0Fo4h4lNxMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f9259a3d01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715770645&external_user_id=05234b0e-250a-4b5e-a4e3-4d9868ce08dd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 134E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:29b0:22b3:ca65:1176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 134E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=69a3b6904d631848&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIy2Fw3e6bUwMRAkjfAAAAAAA&expiration=1700132245&is_secure=true
43 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIy2Fw3e6bUwMRAkjfAAAAAAA&expiration=1700132245&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4T4p%2FTrGpxbWl61aHwlpEpW9nJr7m4fPFIXiT7c3vefdLvaKV75CzNE05iXeL%2BrVbZy4RFraqlqZciDHo3imPWO9vRVSPq7RZIJ1GpaMc2RWjAOqG4AjgzE2nMJavibydUFMot8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f9259e5a23af-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIy2Fw3e6bUwMRAkjfAAAAAAA&expiration=1700132245&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ix
ad4m.at/ad/sim/ Frame 134E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame 134E 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVSkEpCJnkWPntFBDNTn7gAA%263345
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
29516
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8266f9246ddf01f4-ZRH
content-length
43
expires
Thu, 16 Nov 2023 10:57:25 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame D67F 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1231995
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8266f9244dd70e03-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
bounce
ib.adnxs.com/ Frame F72A
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
an-x-request-uuid
566aa130-0295-46dc-8319-8f7e7095abb5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
an-x-request-uuid
4956f927-5d34-4945-aa56-9fe747f1a09a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
log
c21lg-d.media.net/ Frame 3436 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3430474437251785000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-160-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 15 Nov 2023 10:57:25 GMT
52154.gif
idsync.rlcdn.com/ Frame 8DF9
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVSkEpCJnkWPntFBDNTn7gAA%263345&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e349254755704d85855820a12cec997a
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2438261541404852095
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e3492547-5570-4d85-8558-20a12cec997a
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3b26b712-369f-4b71-9918-63f7b98fce69%3A1700045846.2289739&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3b26b712-369f-4b71-9918-63f7b98...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336726325955581&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3b26b712-369f-4b71-99...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3b26b712-369f-4b71-9918-63f7b98fce69%3A1700045846.2289739&_=1700045846.231005
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=48507131891807019
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=48507131891807019
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
an-x-request-uuid
0dc2fa6d-9671-42fe-8205-99a9337c3800
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=48507131891807019
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8DF9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7326357577168534038
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7326357577168534038
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRDxVgmvALJFYPuK7gWeyoIFYWL7wAfduBA8P6TqZWCg%2BnmOrRUF5VXHS%2FTD%2FL8jz5n6Z6Duz5pC%2FlCww2VPwNgxOGcKejlXluovxcMP%2FXz4YJiIwpGdapsb6u%2B8iF5nYLXZVVHXRRZT8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f924c89701e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
an-x-request-uuid
27b6bf76-1d0e-4f67-bd4b-7a1b6b78154c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7326357577168534038
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8DF9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:29b0:22b3:ca65:1176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 8DF9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ezeWbCw2kmlgZJJtLzqOa3wxx25gZ5o8fmf3mj6I
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ezeWbCw2kmlgZJJtLzqOa3wxx25gZ5o8fmf3mj6I
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQ2lo9ebC95%2Frev4llmCvcpNRPXaczhtO%2BV9M%2FCQc2aBJA1ZpMNqcTLp163zH6R1THUD%2Fdypn2F%2FIwkFbRcYPO07Yzm%2ByqrKpOLFa5eUrun7eiq0y3z20XYF5idl0nQ5w%2FZtJzO9TMBxxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f924d8a401e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ezeWbCw2kmlgZJJtLzqOa3wxx25gZ5o8fmf3mj6I
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge
cm.adgrx.com/ Frame 8DF9 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 8DF9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EC90A40E437D411EBE6188384A13407E
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EC90A40E437D411EBE6188384A13407E
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aa4UgnuADfQaAYCzgNjVCsPf5wir90aYPm%2BlT0y3Hy5iWfnCvsRa69b0L5htNitsjLvalYhQe58Tc4tIbleEHV6DHiIff9TPFXSPZU5QtDCXcdRDVwO7Qqj4hHNkBOKPj6D6G6hXHYMRFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f924d8a801e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EC90A40E437D411EBE6188384A13407E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 14 Nov 2023 10:57:25 GMT
crum
dsum-sec.casalemedia.com/ Frame 8DF9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vm89xB1bceMsau2LjSGHcPt5hWAkp4YZoBBCPhvKp4t56D4ybOKXDbVSQmsDRyHrTr5P0Mc12KmRZZZoqIEcCr41tknyaQRsM%2FLgYw10wXSjVft08eS6dO4PSUdSanXBsKh1LlWTbP9VsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8266f929189e01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
dcm
s.amazon-adsystem.com/ Frame 8DF9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PWNMB24Z1H8T14P7Y08F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.servenobid.com/ Frame 8DF9 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 3C98 		0
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f924be5f0e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding
viewability
hal900014.redintelligence.net/ Frame 409C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=43401500063257004438466012509014&a=f93e30cc&vb=v
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=43401500063257004438466012509014&a=1965d807
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
7168262712027533764
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 22B6
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/7168262712027533764
0
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/7168262712027533764
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f92638bb0e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/7168262712027533764
PugMaster
image6.pubmatic.com/AdServer/ Frame 375C 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7157257&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd6053178fc8f836570b1cf78d83c402bc396703979e32d66c63589aba538fe8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame CC00 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6330f30714835990abd39bca7dc7fd4c331adbdfc0a1c842903bf9f2d19810c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Nov 2023 16:28:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19876
Connection
keep-alive
Content-Length
13281
Expires
Wed, 15 Nov 2023 16:28:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97B9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1285499660545&version=m202309260101&ct=77&x=1&cor=2845737962323680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7326357577168534038
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7326357577168534038
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
an-x-request-uuid
c8535c2e-1793-46ec-ac84-17c3fdff8939
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7326357577168534038
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7a9f0a61-2c0a-4042-8702-8f42550e303c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c24c36e9-7ceb-4bea-bd02-725a4a4219e5&expires=1&user_group=5&ssp=gumgum2&bsw_param=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&us_privacy=
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=33bcadbb-0c3b-08b5-34e5-2a07db3352f7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=33bcadbb-0c3b-08b5-34e5-2a07db3352f7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 15 Nov 2023 10:57:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=33bcadbb-0c3b-08b5-34e5-2a07db3352f7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-559ea09d-024b-5524-5aa6-0fd67e4fbc20$ip$176.10.106.5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-559ea09d-024b-5524-5aa6-0fd67e4fbc20$ip$176.10.106.5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-559ea09d-024b-5524-5aa6-0fd67e4fbc20$ip$176.10.106.5
Date
Wed, 15 Nov 2023 10:57:25 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-7BEaulpE2pdrbdDKt34YFxOdc3q_PzSn7hds~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-7BEaulpE2pdrbdDKt34YFxOdc3q_PzSn7hds~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-7BEaulpE2pdrbdDKt34YFxOdc3q_PzSn7hds~A
content-length
0
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=234bade2-ecb2-40f0-b4cd-4730af60b55e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=234bade2-ecb2-40f0-b4cd-4730af60b55e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=234bade2-ecb2-40f0-b4cd-4730af60b55e
Date
Wed, 15 Nov 2023 10:57:25 GMT
Connection
keep-alive
X-CI-RTID
cc498f46-29f4-4f43-b3ba-87f8d6f38acb
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 811C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7a9f0a61-2c0a-4042-8702-8f42550e303c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_7a9f0a61-2c0a-4042-8702-8f42550e303c&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=HIFgeU4I6Gp6hq--SPAE&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=HIFgeU4I6Gp6hq--SPAE&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=HIFgeU4I6Gp6hq--SPAE&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=gfixybuSFOC7&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=gfixybuSFOC7&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=gfixybuSFOC7&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-bfmq7
expires
-1
usersync
usersync.gumgum.com/ Frame 811C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7168262712027533764
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7168262712027533764
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7168262712027533764
date
Wed, 15 Nov 2023 10:57:24 GMT
content-length
0
sync
ads.servenobid.com/ Frame 811C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_7a9f0a61-2c0a-4042-8702-8f42550e303c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
48507131891807019
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 7AF6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/48507131891807019
0
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/48507131891807019
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f9259fe30e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
80ee8559-ba08-4e20-8123-2d97b76a94fa
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/48507131891807019
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2823 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1492369889219&version=m202309260101&ct=77&x=1&cor=13922891142377982000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame A1A8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=1861992871520555189&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=1861992871520555189&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.165.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-165-75.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=1861992871520555189&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame BAD5 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YTlmMGE2MS0yYzBhLTQwNDItODcwMi04ZjQyNTUwZTMwM2M=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0320 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18599
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Wed, 15 Nov 2023 16:07:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame CC00 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOZNEET6-1Q-1N34
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
sync
ads.servenobid.com/ Frame 84D7 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7168262712027533764&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 84D7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=44NTvbSCV7j40Fe8t45LuuSFAr_401_t5tNBzimq
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=44NTvbSCV7j40Fe8t45LuuSFAr_401_t5tNBzimq
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=44NTvbSCV7j40Fe8t45LuuSFAr_401_t5tNBzimq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84D7
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzE2ODI2MjcxMjAyNzUzMzc2NA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzE2ODI2MjcxMjAyNzUzMzc2NA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzE2ODI2MjcxMjAyNzUzMzc2NA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
p
a.audrte.com/ Frame 84D7
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGxobG90QmNneWVUbkdNSHdJVW5OQmFkUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDhsaGxvdEJjZ3llVG5HTUh3...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=1861992871520555189&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=8lhePALZGkWSWWbma2a2tNTJQ&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=7168262712027533764&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
63.34.193.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-193-74.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:26 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 84D7
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=061bb0cf-5b7a-4bdd-9180-1868ef2559cb&gdpr_consent=null&gdpr=0
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=061bb0cf-5b7a-4bdd-9180-1868ef2559cb&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=061bb0cf-5b7a-4bdd-9180-1868ef2559cb&gdpr_consent=null&gdpr=0
date
Wed, 15 Nov 2023 10:57:25 GMT
server
_
content-length
0
LOZNEET6-1Q-1N34
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 3E08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LOZNEET6-1Q-1N34?gdpr=0
0
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LOZNEET6-1Q-1N34?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f925f87d0e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LOZNEET6-1Q-1N34?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
66ef90d06496cfd000aab8206f2b6221
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame A263 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 15 Nov 2023 10:57:25 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame B218
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVSkFcCo8X8AAE54v1IAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVSkFcCo8X8AAE54v1IAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 15 Nov 2023 10:57:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 15 Nov 2023 10:57:25 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVSkFcCo8X8AAE54v1IAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad433.dc4p.scaleout.jp
X-SO-IP
176.10.106.5
X-SO-Key
ZVSkFcCo8X8AAE54v1IAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"176.10.106.5","key":"ZVSkFcCo8X8AAE54v1IAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad433"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad433
usersync
usersync.gumgum.com/ Frame DDF6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 15 Nov 2023 10:57:25 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT Wed, 15 Nov 2023 10:57:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame DABA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Nov 2023 10:57:25 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
ap.lijit.com/ Frame 1263 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Nov 2023 10:57:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
apn
ads.playground.xyz/usersync/ Frame 1263
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
e7e511a0-eae2-447c-b031-dcd3678b8489

Redirect headers

location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
date
Wed, 15 Nov 2023 10:57:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
176
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 1263
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=18b1af95784d4754dd872abc93894654
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=18b1af95784d4754dd872abc93894654
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
cT0K6SOrRC7_08br-BmZOCHu_zux_fwfwbEGFmH64amugM8b0RhrpQ==

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=18b1af95784d4754dd872abc93894654
x-kong-upstream-latency
23
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 1263
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4113075282959722239675
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4113075282959722239675
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
77k3jbJSznlrtWJ5Cj4hSOoUvdQe-QLMOsCx6EvLgeT6l2iK-_5muw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4113075282959722239675
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 1263
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5dd8ebcf-5bbc-0fb7-2b06-231d5360d954
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5dd8ebcf-5bbc-0fb7-2b06-231d5360d954
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
6ALEKHiplf9vfNNCT7ITBvAmgmAZl_KpSvNGVVfWMg0MURQo2E7aOA==

Redirect headers

date
Wed, 15 Nov 2023 10:57:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=5dd8ebcf-5bbc-0fb7-2b06-231d5360d954
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 1263
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
6eNL0CYai0oTbADVrMswwxIjd5JzXcSqjTU0kz36uFACZXkcpuXb9Q==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 1263
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVSkEpCJnkWPntFBDNTn7gAA%263345
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVSkEpCJnkWPntFBDNTn7gAA%263345
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
EFsnymG8f9OPZjfQtYaoCB7b-jScEUlzVtcuIgtpkx0itefdBsrlhg==

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw0vPbvqcs1w72Il6lKlwS4uXFl%2By8hSL0qatx5i0B5mG6zdeKB1%2B8cOtLgv3nXiO3QxV3%2FaoSD4pHoQe3uIqmUfMfkxgcE5aRjpeNNwi7gcosx%2FnkR3Eke8CChdRDRJ5pKcruIxRgc47w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVSkEpCJnkWPntFBDNTn7gAA%263345
cache-control
no-cache
cf-ray
8266f9266bbf01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 1263 		0
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=WG4ZTxzzCp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0BE8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18599
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Wed, 15 Nov 2023 16:07:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
img
sync.mathtag.com/sync/ Frame 8EA7 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 70CE 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 10:57:24 GMT
expires
Wed, 15 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
321151
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame BBBA 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=92F189C5-44AD-4066-9CB9-7B0CB284505B&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 15 Nov 2023 10:57:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8BHJ60AEDTG65PS2HFH5
Pug
image2.pubmatic.com/AdServer/ Frame F4B8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 01A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=48507131891807019&gdpr=0&gdpr_consent=
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=48507131891807019&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ab313a5f-e331-4105-a0ef-ce3c892e3cf3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=48507131891807019&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6CC4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7301641305985841294&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7301641305985841294&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 15 Nov 2023 10:57:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7301641305985841294&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
ImgSync
image8.pubmatic.com/AdServer/ Frame EC5B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VZ6gnQJLVSRapg_Wfk-8ILAKagU&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 15 Nov 2023 10:57:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cs
cs-rtb.minutemedia-prebid.com/ Frame CE32
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
0
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Wed, 15 Nov 2023 10:57:25 GMT
server
istio-envoy
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-id
5-wx50GsEHhBIRKZBeQ_XhsASBmN1Jizxzp1NTMrKNijw2-g8FXxnQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
117
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 10:57:24 GMT
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame C97B
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb9af4910f73d4adfafb68f6edaadfe92
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb9af4910f73d4adfafb68f6edaadfe92
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb9af4910f73d4adfafb68f6edaadfe92
pragma
no-cache
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 1AD5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWC1FN0txVWdBQUJQbXpJa2RLQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEX-E7KqUgAABPmzIkdKA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEX-E7KqUgAABPmzIkdKA&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEX-E7KqUgAABPmzIkdKA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7168262712027533764&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEX-E7KqUgAABPmzIkdKA&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
bridge
cm.adgrx.com/ Frame 92B0 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 15 Nov 2023 10:57:25 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-6
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame DCB4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 33CE
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame 9280
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 526E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4007090260949525310
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4007090260949525310
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4007090260949525310
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 13C4
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336726325955581
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336726325955581
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 15 Nov 2023 10:57:25 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336726325955581
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cm
ipac.ctnsnet.com/int/ Frame ABC8 		43 B
311 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 15 Nov 2023 10:57:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame E454 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 15 Nov 2023 10:57:25 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-09e3b9b89609@version_1.576
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame C8D0 		0
0
sync
ads.servenobid.com/ Frame 3D20 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Wed, 15 Nov 2023 10:57:25 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 375C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kvGJxUStQGacuXsMsoRQWw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18599
accept-ranges
bytes
content-length
5606
expires
Wed, 15 Nov 2023 16:07:24 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 375C
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.255.67.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-67-121.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.56
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.8.148
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 375C
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3195655375
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3195655375
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 google
last-modified
Wed, 15 Nov 2023 10:57:25 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:24 GMT
via
1.1 google
last-modified
Wed, 15 Nov 2023 10:57:25 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3195655375
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 375C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGxoZVBBTFpHa1dTV1dibWEyYTJ0TlRKUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1861992871520555189&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
63.34.193.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-193-74.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 375C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTJGMTg5QzUtNDRBRC00MDY2LTlDQjktN0IwQ0IyODQ1MDVC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 375C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRaaHrsgQM5wdtD4sDXGQo&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRaaHrsgQM5wdtD4sDXGQo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJRaaHrsgQM5wdtD4sDXGQo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 375C 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 14 Nov 2023 10:57:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 375C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1861992871520555189
42 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1861992871520555189
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1861992871520555189
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 375C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 375C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Pqqmb2tE2uWVFh1oLvLk_G0nKWH80mc-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Pqqmb2tE2uWVFh1oLvLk_G0nKWH80mc-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Pqqmb2tE2uWVFh1oLvLk_G0nKWH80mc-~A&gdpr=0
date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
92F189C5-44AD-4066-9CB9-7B0CB284505B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 375C 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/92F189C5-44AD-4066-9CB9-7B0CB284505B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:29b0:22b3:ca65:1176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ Frame 375C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a844fc12-9a52-433d-8320-5b21d2f072eb-6554a415-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 375C
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=481ab759cdfc179d&is_secure=true&networkId=17100&version=1&nuid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIYBazbT1dogN3HjH_AAAAAAA&expiration=1700132245&nuid=92F189C5-44AD-4066-9CB9-7B0CB284505B&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
q-Ts3oZzeDe_fbdoWRdnKJniMIl_Y7NqmJbHCn4GJ8unQR2kUGsVsg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
date
Wed, 15 Nov 2023 10:57:25 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 375C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2438261541404852095&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
0
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
1zatHu34hdCNl2a9Q3raDKh8lmO-Y8C9tSuUcYhqA5U_tMc5aBcOzQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 375C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7003ae82-8c46-412e-8bca-1edaae5d19ff&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2600:9000:223f:7200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
_7lGXwQc26tn_AwjMGY8C2SvYBrFJpdiaG5X2YhMJAJ0qSWyrgDy7w==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
date
Wed, 15 Nov 2023 10:57:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame CC00
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOZNEET6-1Q-1N34
  • https://ads.servenobid.com/sync?pid=323&uid=LOZNEET6-1Q-1N34
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LOZNEET6-1Q-1N34
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LOZNEET6-1Q-1N34
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
usync.js
eus.rubiconproject.com/ Frame DABA 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6330f30714835990abd39bca7dc7fd4c331adbdfc0a1c842903bf9f2d19810c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 10:57:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Nov 2023 16:28:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19876
Connection
keep-alive
Content-Length
13281
Expires
Wed, 15 Nov 2023 16:28:41 GMT
3f076d65-d70a-41f5-9e80-a0b0a0451eb4&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 0191
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/3f076d65-d70a-41f5-9e80-a0b0a0451eb4&partner_id=1010
0
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/3f076d65-d70a-41f5-9e80-a0b0a0451eb4&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f9282b940e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/3f076d65-d70a-41f5-9e80-a0b0a0451eb4&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
61cbcb5d-144b-0e7d-15eb-fd066ddffbc3
csync.smilewanted.com/set_partner_userid_get/openx/ Frame B843
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/61cbcb5d-144b-0e7d-15eb-fd066ddffbc3
0
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/61cbcb5d-144b-0e7d-15eb-fd066ddffbc3
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f926b9850e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/61cbcb5d-144b-0e7d-15eb-fd066ddffbc3
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
v1
match.sharethrough.com/universal/ Frame 2E74 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.228.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-228-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
cs
cs.yellowblue.io/ Frame 2E74
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=e5b62b22524fca0ec9b91a025e2fcd&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=e5b62b22524fca0ec9b91a025e2fcd&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.210.50.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-50-120.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=e5b62b22524fca0ec9b91a025e2fcd&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700045845618074-563
cs
cs-server-s2s.yellowblue.io/ Frame 2E74
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.83.246.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-246-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=92F189C5-44AD-4066-9CB9-7B0CB284505B
date
Wed, 15 Nov 2023 10:57:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 2E74 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=Bm4ZTxz-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
ap.lijit.com/ Frame A5F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 15 Nov 2023 10:57:25 GMT
X-Sovrn-Pod
ad_ap6ams1
1861992871520555189
csync.smilewanted.com/set_partner_userid_get/adform/ Frame D2B5
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1861992871520555189
0
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/1861992871520555189
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f9285bd30e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 15 Nov 2023 10:57:25 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/1861992871520555189
server
nginx
khaos.json
token.rubiconproject.com/ Frame DABA 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOZNEET6-1Q-1N34
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame F749
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f928fcb80e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Nov 2023 10:57:25 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame DABA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOZNEET6-1Q-1N34
  • https://usersync.gumgum.com/usersync?b=mag&i=LOZNEET6-1Q-1N34
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOZNEET6-1Q-1N34
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOZNEET6-1Q-1N34
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 8ADB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q?pi=smilewanted
0
725 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f9281b650e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 15 Nov 2023 10:57:25 GMT Wed, 15 Nov 2023 10:57:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q?pi=smilewanted
pragma
no-cache
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:25 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-165
cdn-cachedat
10/31/2023 18:51:10
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
a48e8c1c94bdea8f87b59513d8d3aa5c
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045845945&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2865034384650924&scor=4426199573916393&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D587 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~loznegku&c=2509749297961&slotId=1254874648980.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c10::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F72A 		0
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
an-x-request-uuid
3f481e12-232f-4da0-adfe-d05a4b12c966
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.5; 176.10.106.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700045846209&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1569&pt=-651245197&tz=60&viewable=true&ddast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 15 Nov 2023 10:57:26 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1441
x-cache
MISS
x-served-by
cache-mxp6923-MXP
pragma
no-cache
server
nginx
x-timer
S1700045846.218042,VS0,VE50
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame BEA9 		802 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Requested by
Host: genieeintl-d.openx.net
URL: https://genieeintl-d.openx.net/w/1.0/jstag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c6d21ed29a98c9725cd2e5e259497e60f8f3820d419a8b74a53460656ab6700d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
456
content-type
text/html
date
Wed, 15 Nov 2023 10:57:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame BEA9
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5142336726325955581
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5142336726325955581
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5142336726325955581
Date
Wed, 15 Nov 2023 10:57:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame BEA9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVSkFQAD9Hez5AAU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVSkFQAD9Hez5AAU
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mxp6971-MXP
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700045846.295042,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVSkFQAD9Hez5AAU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame BEA9 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ox
match.prod.bidr.io/cookie-sync/ Frame BEA9 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.96.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-96-209.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 15 Nov 2023 10:57:26 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BEA9
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=669254a9b9c018fd&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIy2Fw3e6bewMCIMtUAAAAAAA&expiration=1700132246&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIy2Fw3e6bewMCIMtUAAAAAAA&expiration=1700132246&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIy2Fw3e6bewMCIMtUAAAAAAA&expiration=1700132246&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame BEA9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=VZ6gnQJLVSRapg_Wfk-8ILAKagU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=VZ6gnQJLVSRapg_Wfk-8ILAKagU
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=VZ6gnQJLVSRapg_Wfk-8ILAKagU
Date
Wed, 15 Nov 2023 10:57:26 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame BEA9
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=G9eD942oic216nZdwHppCw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
50466f8f-b482-a2aa-6249-2c1fec349ef8
pr-bh.ybp.yahoo.com/sync/openx/ Frame BEA9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/50466f8f-b482-a2aa-6249-2c1fec349ef8?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:29b0:22b3:ca65:1176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame BEA9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=2e9e754b-91f5-4f82-8feb-d0e67474fa77&ssp=openx&expires=30&user_group=5&bsw_param=9b0448ec-d5e2-415e-a5d4-664128ef3abf
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=9b0448ec-d5e2-415e-a5d4-664128ef3abf&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 15 Nov 2023 10:57:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame BEA9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=openx&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=a0527399-465a-45da-a1aa-d06dd857c10d
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=PehO3hprIQrOf8IrmXK5uQq0YK-k71bON3Il6E2n-5Q&pi=openx&gdpr=0
pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT, Wed, 15 Nov 2023 10:57:26 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rtct_adp_lib.20200515.min.js
js.genieessp.com/j/ Frame FF08 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1551001
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:26 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 03:22:42 GMT
server
nginx
etag
W/"652cac82-411a"
content-type
application/javascript
cache-control
max-age=31536000, private
cross-origin-resource-policy
cross-origin
expires
Thu, 14 Nov 2024 10:57:26 GMT
cic
ialaddin.genieesspv.jp/yie/ld/ Frame FF08 		43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ialaddin.genieesspv.jp/yie/ld/cic?cik=tiVS0OAUYuAKwbTFaanxjzLu72HkRxuZnWfk9u6H2uLXBB5ILMN0KG1BKBV94VTsxY0ypFtvxzv7FvU2UpLT5xQaWV8&noas=11030163
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045846880&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3610858998238255&scor=2977502744375468&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D587 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~loznei61&c=2509749297961&slotId=1254874648980.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c10::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		339 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:27 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:59:54
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
e172bb82a2a33c4904b879eefb6ff621
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
SPug
simage4.pubmatic.com/AdServer/ Frame 375C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045847807&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3022264049151570&scor=3333603249575792&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 375C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23459377&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
afebc5864c9a64c77ad33510e4c55cd73af032ea4e286771401733f9ac70b2d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 15 Nov 2023 10:57:27 GMT
content-length
1582
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 68F0 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 15 Nov 2023 10:57:28 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
a.tribalfusion.com/ Frame B1AA 		43 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8266f938d8cff124-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:57:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 72A0 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame CF4B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=30d090c21b5bce22/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=c27aa4038a938aacec2d17dcb0674c2c&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYaQaRajXbhVhjnXX&gdpr=0&gdpr_consent=
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYaQaRajXbhVhjnXX&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 15 Nov 2023 10:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYaQaRajXbhVhjnXX&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame C9CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 15 Nov 2023 10:57:28 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame C40F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EC90A40E437D411EBE6188384A13407E&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EC90A40E437D411EBE6188384A13407E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 10:57:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 15 Nov 2023 10:57:28 GMT
expires
Tue, 14 Nov 2023 10:57:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EC90A40E437D411EBE6188384A13407E&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame B603
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2373514368
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2373514368
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 15 Nov 2023 10:57:28 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 15 Nov 2023 10:57:28 GMT
etag
RX291bc5d9634c463ba87ba4799f32f8f1003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2373514368
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame FD91 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.250.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-250-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Wed, 15 Nov 2023 10:57:28 GMT
mw
mwzeom.zeotap.com/ Frame 375C 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:28 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8266f9393f260e42-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 375C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=92F189C5-44AD-4066-9CB9-7B0CB284505B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=92F189C5-44AD-4066-9CB9-7B0CB284505B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=92F189C5-44AD-4066-9CB9-7B0CB284505B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:32 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:32 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=92F189C5-44AD-4066-9CB9-7B0CB284505B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 375C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=92F189C5-44AD-4066-9CB9-7B0CB284505B&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b231cba2ecdf59df/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=c27aa4038a938aacec2d17dcb0674c2c&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:28 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700045840912&gcd=11l1l1l1l1&dma=0&cid=1672339767.1700045841&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700045843&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dt=%E8%AA%8D%E8%AD%98%E7%9A%84%E5%A5%B3%E4%BA%BA%E9%83%BD%E5%8F%AB%E4%BE%86%EF%BC%81%E5%8B%9D%E5%88%A9%E6%80%A7%E6%8B%9B%E5%BE%85%E6%97%A5%E5%95%86%E9%82%84%E4%BB%94%E7%B4%B0%E5%8F%AE%E5%9B%91%E3%80%8C%E7%99%BE%E5%80%8D%E5%A5%89%E9%82%84%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=7&tfd=9953
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0320 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30207811&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 15 Nov 2023 10:57:28 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 0BE8 		47 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30030274&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 15 Nov 2023 10:57:28 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame 3436 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 15 Nov 2023 10:57:28 GMT
Expires
0
Pragma
no-cache
92F189C5-44AD-4066-9CB9-7B0CB284505B
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame DBD9 		0
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f939cab10e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:28 GMT
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C2E2 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 15 Nov 2023 10:57:28 GMT
Expires
0
Pragma
no-cache
92F189C5-44AD-4066-9CB9-7B0CB284505B
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 1EEF 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/92F189C5-44AD-4066-9CB9-7B0CB284505B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8266f93a4b2a0e03-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 10:57:28 GMT
server
cloudflare
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045848921&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=1321680481501351&scor=2481603362769341&ged=ve4_td8_tt5_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700045849213&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1569&pt=-651245197&tz=60&viewable=true&ddast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
900ec78b1fa39580505c2dce4aa6c8c421936098b2ade5d65c2f0c21acc2030f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:29 GMT
content-encoding
gzip
server
nginx
machineid
1459
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=11657&tvi50=9058&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231114-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
86
date
Wed, 15 Nov 2023 10:57:29 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
83404
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6923-MXP
pragma
no-cache
server
nginx
x-timer
S1700045849.390487,VS0,VE86
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
video10.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		323 KB
324 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video10.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:29 GMT
cdn-edgestorageid
1078
cdn-storageserver
DE-199
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
330880
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
e1439ce916eaaf1b3b148f56eb08914c
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045849788&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3343485012425547&scor=166063915342548&ged=ve4_td9_tt6_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 375C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045850704&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3343485012425547&scor=3728148646216522&ged=ve4_td10_tt7_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045851564&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3343485012425547&scor=1804083344874467&ged=ve4_td11_tt8_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video11.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		308 KB
309 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video11.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
410d5e9dc92f3ecce58f78866878761cf25b32e2fc394660eeead55b35263c1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:31 GMT
cdn-edgestorageid
1078
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 19:00:29
cdn-pullzone
829957
content-length
315464
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
340
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
3cfd5da34effae8b49cc0256fbb3c37b
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700045852217&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1569&pt=-651245197&tz=60&viewable=true&ddast=V82zkCLAYk8OqJ9U0WOxJI4NUT65ssdiwAAABgYID-AEmOlhOPy7Nbi1Yz21q0Mm3WEtNwtNZNBouRZWba-FaOISCRwWg1sg2Ga4VhtnKLRrPBWuIZOdyyxWDmXNgGo5nNMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ9aDodPte9Xvf73SU-z1zj9yv8kpfdrTk63SKXW-56S152t8j1ljodfrfY4XRrji67zy12uoVPu88tPTr8bpHD6ZY83Zqjw-5zC10Pu1v6dAufbpHT7nNLj663xOF0S1xOt8xl97mFrofdLjS9zXYAAAAA8AAgLfYRwg8gAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACAAWDhdlUDwDOHBHTdXXaLy_LzBwCAhwIQAAACGCQAENAPSwDEGO-dAAAAAAAAAABg8f___x9jAL-yTwbBwHpND4AHHwAPRAogizACAAAAAKugVnBkkk5QsagCAECQbgXgCgBAwKI06DlnGAAAAIExC_Sw-P1mh13jd7sMAAAAAAAAAICZ_zP_aIR4cKXSBBmEI6n5BQQAWPMLCADARt0AALwJgBN0CFoxGKxOQMwOAAAAwJ3___9_PSAy8q0WtsHItHFZFr7lbGMy7ma75W40GYxGLpthe4ieN5MGhs7U-mwIy-z3HRSU09NjdhlkLJfJID5oGJaTQTA_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHgyrIxbIwbt2K42qxFk43NLXGMRm7dyGQxrZyLjXNhWIteH9PHtLIsl4stEgwY3IvgIp0IHma3w_RyS3yejd8ilmhOFulEdtlXRr7VwjYYmTYuy8K3nG1Mxt1st9yNJoPRyGUz7Isry8awMW7ciuFqsxZNNja3xDEauXUjk8W0ci42zoVhLXp9TB_TyrJcLvaN3WAwGK2Go8W-sRsMBqPVcLTYd-gM39XnbFSWVZKPSyzzXLvmmtOgcBks3pf6dB4WjAX1tHN06pRnZUFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz2IDQZFLBGcLtKJ6GU8XcQSydMinchMy4llMxxOPL7darRaDnarwW60Gi6Gu9HI43BNxBKl6SKd6BV-ycvu1hydbpHLLXe9JS-7W-R6S50Ov1vscLo1R5fd5xY73cKn3eeWHh1-t8jhdEuebs3RYfe5ha6H3S19uoVPt8hp97mlR9db4nC6JS6nW-ay-9xC18NuF5reZov6jxhiN5srBnPFYDZXrRIAAAAAAAAAgCWYZroJAAAAgJNBDTfDxWq5AC6CsnQBmwAAAAAAABRr7LEGeJjdDtPLLfF5Nn4rA5BgzmO2mWcEsVarZQ0AAEAAGwAAQAA33XgT0B7J2Qd0NX6t0ANHyo8gB6vh_gGoEGu1Wj5frNVqCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d26ae523edbd258d6f649f6cef6e79b453dd38400e8fb58aae62422d3e324ef1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 10:57:32 GMT
content-encoding
gzip
server
nginx
machineid
1477
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045852436&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3343485012425547&scor=2871244221328055&ged=ve4_td11_tt8_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045853342&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3343485012425547&scor=538754017138271&ged=ve4_td12_tt9_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video12.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		502 KB
503 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video12.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1075:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1075 /
Resource Hash
6c7ce900f65fbf31e9380c2e6caa3d015209b64eb39c3538cc1f483b9befd5f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:33 GMT
cdn-edgestorageid
863
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 20:10:54
cdn-pullzone
829957
content-length
514180
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1075
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
dca1425610326d8d75909e4517a39c57
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame D587 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&vpa=auto&vpmute=0&sdkv=h.3.603.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.603.0&sid=FE053815-D215-4C98-9493-81403B17AF49&nel=0&eid=44772139%2C44777649%2C44781409%2C44785452%2C44802074%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&dlt=1700045840888&idt=3262&dt=1700045854265&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=3343485012425547&scor=3473797551401173&ged=ve4_td13_tt10_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/aa002785cfe427d3749b1467babfc33b.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/3cdc122d055526e16fb9313c569df057.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/b0c2e8e1461cd16d6061d434232da91d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/7afbca5d6ce79939ebba39b0c57847cc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/98aef8785adb1c6e2dea2963c45a511f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ef34e2bdee6e1a4eeb04ad8a81a81c02.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/01d91856e6768f229c3ede8dc9c5f23c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/692724cd05f467eed065daad093f9527.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9e18714a714d4df24457e6012541d777.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ab60c5c1c97f6fd1a0b72d56e49298dd.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c6ad0aa2daa483e7437ad68f36f76b8d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/f470d983a2abeb41e0f2008f333aa827.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/89454e5b577279e82783d2ea5f3b8cb2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9049f7d59f2e1209cf6b3fa330453779.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/19164cfd3bf7b0ca4992e392dead587a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d8f3fd80a46a7cdb8a203fced0451e9c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/968aa298eee2c7c5e46c773ecc588ff2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/1fc0af5c17676ac808940582afa5bc65.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/100a421dab8da16cd26064baffe97125.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/3db1fbe2f43b50a8af08cd98918ab338.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d21edbcc85c38bedd1e4463e4bff9549.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/255c10d61e3d52d72c2d31c8c188ab07.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/358644ab4c71dd184cf61fef9e53bf83.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3292827c832174ca5d4f6eb2984ea724.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/6c9e86b684a9a9e61795c4ef62fea742.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/3d79ae5215dcef91b20265ced5a03f90.jpg?w=150&h=100&q=100
Domain
us.shb-sync.com
URL
https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-012c6e6a-29df-3715-b451-0d83bd8b7c96&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMTJjNmU2YS0yOWRmLTM3MTUtYjQ1MS0wZDgzYmQ4YjdjOTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wMTJjNmU2YS0yOWRmLTM3MTUtYjQ1MS0wZDgzYmQ4YjdjOTYyAh8GOAE=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVSkFQAD9Hez5AAU
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _statcounter object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| google_tag_data object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs function| setImmediate function| clearImmediate function| onYouTubeIframeAPIReady object| gaGlobal object| googletag object| ggeac object| google_js_reporting_queue function| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| adRecover undefined| jqAlias object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ucf object| request object| Criteo string| paramsString function| checkFrameandInitStartFun function| processData function| _typeof object| TRC object| _tblConsole undefined| msg function| quantserve function| __qc object| ezt object| _qoptions function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| nam object| placementData object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals function| io boolean| noPreviewPage function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun object| cmTag object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| clientJsFunction object| _google_rum_ns_ object| google_persistent_state_async function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| _cm_wfCounters string| lastWfUrl object| vttjs function| WebVTT function| videojs function| Zepto object| Backbone function| startCMTagMain string| category object| $jscomp object| canAutoplay function| videojsContribAds function| videojsPlaylist function| videojsIma function| isValidVideo string| myPlayerGabywa object| oldScript object| attr function| shuffle object| entertainment object| arrToUse object| playlist object| divWrapper function| OvaMediaPlayer object| closure_lm_960212 object| closure_lm_745279 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| prepareAdRequest

188 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARDAFgoGCKIBEMAW
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1700045841.ED32D45C15374FB28A2AA5B399E4861A.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1700045841.0
.statcounter.com/ Name: is_visitor_unique
Value: 1700045841431841896
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1700045841.1.0.1700045841.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1672339767.1700045841
www.bg3.co/ Name: __AP_SESSION__
Value: 2f85c847-55c8-40f0-af9b-449a123855d1
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 7243aadc-1a9c-40eb-9528-d74a386ee37a
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1700045841_1700045841
.teads.tv/ Name: tt_viewer
Value: 5f1a83dc-3346-40b7-b091-eeb0b699c456
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.bg3.co/ Name: __gads
Value: ID=a71b6a9dbfb370b5:T=1700045841:RT=1700045841:S=ALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw
.bg3.co/ Name: __gpi
Value: UID=00000cc80a426a39:T=1700045841:RT=1700045841:S=ALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q
.omnitagjs.com/ Name: ayl_visitor
Value: 18b1af95784d4754dd872abc93894654
.rubiconproject.com/ Name: khaos
Value: LOZNEET6-1Q-1N34
.quantserve.com/ Name: mc
Value: 6554a411-f15b8-313d6-e9d3e
.bg3.co/ Name: __qca
Value: P0-439230185-1700045841749
.aralego.com/ Name: sspid
Value: a44869f5-0a83-3b88-a949-41c7b8b4ec7d
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D8e2c0c8c-1853-42cf-b14d-7ddb4e91c9a0-tuctc4e2991
.aralego.com/ Name: euconsent-v2
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUnSFtO8bTk4--0tDSO7kAS-Vpyyp6OwDmMU0pc7C-DvRd6kfZDN6aoIR9m2R0I
.casalemedia.com/ Name: CMPS
Value: 5218
.casalemedia.com/ Name: CMID
Value: ZVSkEpCJnkWPntFBDNTn7gAA
.casalemedia.com/ Name: CMPRO
Value: 3345
.yahoo.com/ Name: A3
Value: d=AQABBBOkVGUCEHuvYL2iIx7QOGWUEw8E0zAFEgEBAQH1VWVeZQAAAAAA_eMAAA&S=AQAAAuIvhQv-4A4V3LR6064aA7E
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2GU%dYBNM!]tbP6j2F-.aDabByFnKcwN`chifsp=a4xukCmow9y$WF=@9ao*qF1`*bfGX(9k/:
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPWk5FRVQ2LTFRLTFOMzQiLCJleHBpcmVzIjoiMjAyNC0wMi0xM1QxMDo1NzoyM1oifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0xNVQxMDo1NzoyM1oifQ==
.linkedin.com/ Name: bcookie
Value: "v=2&2b2e0c86-c7d0-4dbe-86e9-8e81089ba7d7"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDAwNDU4NDM7MjswMjGmTtsn9wGZj0TlhU+AR/g3IZxtGYKbGu+iRNX155LsQw==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3015:u=1:x=1:i=1700045843:t=1700132243:v=2:sig=AQGyw0ve_zSHnZdy49tox6MLf1SCrce7"
.doubleclick.net/ Name: ar_debug
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1700045843099
.tapad.com/ Name: TapAd_DID
Value: 04e51f54-25cc-4736-8399-4ef233d425c2
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.connatix.com/ Name: cnx_userId
Value: 2a01af8e1d5649dfa98c0240b89ef6dc
.ipredictive.com/ Name: cu
Value: 234bade2-ecb2-40f0-b4cd-4730af60b55e|1700045843214
.amazon-adsystem.com/ Name: ad-id
Value: A5hX1cS6skjzilj59NHsiyA
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: f44b401e6c644f8e
.ctnsnet.com/ Name: gid_CAESEAhYG6r5V8iCTR_RyZe2psM
Value: 1
.acuityplatform.com/ Name: auid
Value: 852668941767
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXRUDl6YmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV0VA5emI90aGlyZFBhcnR5VXNlcklkWkNBRVNFQlBVV2xCQkNKTkR2UzR5OGx4dW9fRfv7hnZlcnNpb27C+w=="
.w55c.net/ Name: wfivefivec
Value: IxV9aB011R3dAf5
.w55c.net/ Name: matchgoogle
Value: 5
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1700045843.1.0.1700045843.0.0.0
.go.sonobi.com/ Name: __uis
Value: 88b28cb9-490f-4de0-a502-23ebbbf43de1
.www.bg3.co/ Name: _im_vid
Value: 01HF9A1V7BH3FRJS5DM9AMY0HG
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1700045843.1.0.1700045843.0.0.0
.bidswitch.net/ Name: tuuid
Value: 9b0448ec-d5e2-415e-a5d4-664128ef3abf
.bidswitch.net/ Name: c
Value: 1700045844
.bidswitch.net/ Name: tuuid_lu
Value: 1700045844
.adform.net/ Name: C
Value: 1
.3lift.com/ Name: tluid
Value: 4113075282959722239675
.adx.opera.com/ Name: UID
Value: OPUb9af4910f73d4adfafb68f6edaadfe92
.simpli.fi/ Name: suid
Value: EC90A40E437D411EBE6188384A13407E
.adform.net/ Name: uid
Value: 1861992871520555189
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 92F189C5-44AD-4066-9CB9-7B0CB284505B
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003%22%7D
www.bg3.co/ Name: OX_plg
Value: pm
.openx.net/ Name: i
Value: 172d3692-8da9-0f14-0948-f2027744604c|1700045844
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-15T10%3A57%3A25%22%7D
.gssprt.jp/ Name: gid
Value: 5cf29c2828119d80b384f3f89510752c
.lijit.com/ Name: ljt_reader
Value: HqPRrRZHROA0Lw1SQ2iFNfcY
.servenobid.com/ Name: pid_339
Value: y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
.servenobid.com/ Name: pid_337
Value: y-ub5jPmhE2uHZMv5HUOGVZ2zx3bu0NNqkEw6XRbc-~A
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_333
Value: ZVSkEpCJnkWPntFBDNTn7gAADREAAAIB
.gumgum.com/ Name: vst
Value: e_7a9f0a61-2c0a-4042-8702-8f42550e303c
.servenobid.com/ Name: pid_310
Value: HqPRrRZHROA0Lw1SQ2iFNfcY
.servenobid.com/ Name: pid_312
Value: 7326357577168534038
.smartadserver.com/ Name: pid
Value: 7168262712027533764
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjM2MrU0NTW1MBTiM9T1DC3KrNI1MEs1DzUEADtyG8QlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjM2MrU0NTW1MBTiM9T1DC3KrNI1MEs1DzUEADtyG8QlAAAA
.turn.com/ Name: uid
Value: 2438261541404852095
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_324
Value: 5142336726325955581
.genieesspv.jp/ Name: rtbhouse
Value: 0
.genieesspv.jp/ Name: yeahtargeter
Value: 0
.genieesspv.jp/ Name: gid
Value: 5cf29c2828119d80b384f3f89510752c
.adnxs.com/ Name: uuid2
Value: 48507131891807019
.minutemedia-prebid.com/ Name: wrvUserID
Value: WG4ZTxzzCp_mm
.company-target.com/ Name: tuuid
Value: 05234b0e-250a-4b5e-a4e3-4d9868ce08dd
.company-target.com/ Name: tuuid_lu
Value: 1700045845|ix:0
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.servenobid.com/ Name: pid_309
Value: e_7a9f0a61-2c0a-4042-8702-8f42550e303c
.servenobid.com/ Name: pid_317
Value: 7168262712027533764
.quantserve.com/ Name: d
Value: EAgBIQG3KoEO-TCJiTCuu4EM-7EA
.go.sonobi.com/ Name: HAPLB8G
Value: s8594|ZVSkG
.nrich.ai/ Name: _nauid
Value: c24c36e9-7ceb-4bea-bd02-725a4a4219e5
.yellowblue.io/ Name: wrvUserID
Value: Bm4ZTxz-Cp_s
.contextweb.com/ Name: V
Value: gfixybuSFOC7
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 876954ae6f0120b9
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2f2a:18z8~2f2a"
.creativecdn.com/ Name: u
Value: 0X06BN0aKXdIDuxcteGn
.creativecdn.com/ Name: ts
Value: 1700045845
.adfarm1.adition.com/ Name: UserID1
Value: 7301641305985841294
.ctnsnet.com/ Name: cid
Value: ff3aa0e132a449bc921c116d28e2223b
.rqtrk.eu/ Name: browser_id
Value: 1:cadae752-6792-4dfb-b5a6-874edd407c72
.bidr.io/ Name: bito
Value: AAEX-E7KqUgAABPmzIkdKA
.bidr.io/ Name: bitoIsSecure
Value: ok
.servenobid.com/ Name: pid_316
Value: 92F189C5-44AD-4066-9CB9-7B0CB284505B
.servenobid.com/ Name: pid_348
Value: WG4ZTxzzCp_mm
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5142336726325955581
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8&KRTB&19420-xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8&KRTB&22979-xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8&KRTB&23462-xpfhjZGW5YjdxOWMkpr5isGRsI_dx-3dw8dfnlR8
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUb9af4910f73d4adfafb68f6edaadfe92&KRTB&23485-OPUb9af4910f73d4adfafb68f6edaadfe92&KRTB&23524-OPUb9af4910f73d4adfafb68f6edaadfe92
.servenobid.com/ Name: pid_332
Value: 88b28cb9-490f-4de0-a502-23ebbbf43de1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-012c6e6a-29df-3715-b451-0d83bd8b7c96
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJRaaHrsgQM5wdtD4sDXGQo&KRTB&23025-CAESEJRaaHrsgQM5wdtD4sDXGQo&KRTB&23386-CAESEJRaaHrsgQM5wdtD4sDXGQo
.weborama.fr/ Name: AFFICHE_W
Value: ToJxEGKe47NO22
.csync.loopme.me/ Name: viewer_token
Value: 061bb0cf-5b7a-4bdd-9180-1868ef2559cb
.servenobid.com/ Name: pid_321
Value: RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003
.adsby.bidtheatre.com/ Name: __kuid
Value: 7003ae82-8c46-412e-8bca-1edaae5d19ff.469259845
.sitescout.com/ Name: ssi
Value: a844fc12-9a52-433d-8320-5b21d2f072eb#1700045845581
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1861992871520555189&KRTB&23263-1861992871520555189&KRTB&23481-1861992871520555189
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-48507131891807019&KRTB&23339-48507131891807019
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIYBazbT1dogN3HjH_AAAAAAA&KRTB&22713-AAAIYBazbT1dogN3HjH_AAAAAAA&KRTB&22715-AAAIYBazbT1dogN3HjH_AAAAAAA&KRTB&23519-AAAIYBazbT1dogN3HjH_AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7301641305985841294&KRTB&23369-7301641305985841294
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2438261541404852095&KRTB&23150-2438261541404852095&KRTB&23527-2438261541404852095
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9b0448ec-d5e2-415e-a5d4-664128ef3abf
.servenobid.com/ Name: pid_352
Value: Bm4ZTxz-Cp_s
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVSkFQAD9Hez5AAU
.de17a.com/ Name: guid
Value: 1.4007090260949525310
.c.appier.net/ Name: _auid
Value: Gi1SbHcCAei4bY3QFaRUZQ
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDA0NTg0NTY2NX0
.360yield.com/ Name: tuuid
Value: 3f076d65-d70a-41f5-9e80-a0b0a0451eb4
.360yield.com/ Name: tuuid_lu
Value: 1700045845
.audrte.com/ Name: arcki2
Value: 8lhePALZGkWSWWbma2a2tNTJQ!20220908!1700045845676!ip#176.10.106.5
.audrte.com/ Name: arcki2_pubmatic
Value: 92F189C5-44AD-4066-9CB9-7B0CB284505B!20220908!1700045845676
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: c27aa4038a938aacec2d17dcb0674c2c
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o05|7dN.0.AAEX-E7KqUgAABPmzIkdKA|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-a844fc12-9a52-433d-8320-5b21d2f072eb-6554a415-4348&KRTB&23418-a844fc12-9a52-433d-8320-5b21d2f072eb-6554a415-4348
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4007090260949525310
.ads.stickyadstv.com/ Name: UID
Value: e5b62b22524fca0ec9b91a025e2fcd
.liadm.com/ Name: lidid
Value: e3492547-5570-4d85-8558-20a12cec997a
.audrte.com/ Name: arcki2_ddp2
Value: 8lhePALZGkWSWWbma2a2tNTJQ!20220908!1700045845796
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-559ea09d-024b-5524-5aa6-0fd67e4fbc20.K3R%2B4cv03gzvnb8VAHTfjkpfEBtHbdgujiiM3B10ifg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-559ea09d-024b-5524-5aa6-0fd67e4fbc20.K3R%2B4cv03gzvnb8VAHTfjkpfEBtHbdgujiiM3B10ifg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVZ6gnQJLVSRapg_Wfk-8ILAKagU.EU8Z965Y2NtYh3pavDKeV2U08O7u0dD36GHbQV5k0zY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVZ6gnQJLVSRapg_Wfk-8ILAKagU.EU8Z965Y2NtYh3pavDKeV2U08O7u0dD36GHbQV5k0zY
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VZ6gnQJLVSRapg_Wfk-8ILAKagU&KRTB&23334-VZ6gnQJLVSRapg_Wfk-8ILAKagU&KRTB&23417-VZ6gnQJLVSRapg_Wfk-8ILAKagU&KRTB&23426-VZ6gnQJLVSRapg_Wfk-8ILAKagU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILc9AZwjZbroYHs1IIFNCyV3z1X22Xk8FTFziAaMLjmeEHwYBCCVyNKqBjABOgTwi70wQgSwkPDb.fLREIHc%2F5BV8r5yElro%2Bz7WnKEPpCpfSrLToQG9T650
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILc9AZwjZbroYHs1IIFNCyV3z1X22Xk8FTFziAaMLjmeEHwYBCCVyNKqBjABOgTwi70wQgSwkPDb.fLREIHc%2F5BV8r5yElro%2Bz7WnKEPpCpfSrLToQG9T650
.audrte.com/ Name: arcki2_adform
Value: 1861992871520555189!20220908!1700045845881
.gssprt.jp/ Name: appier
Value: Gi1SbHcCAei4bY3QFaRUZQ
.smartadserver.com/ Name: csync
Value: 80:44NTvbSCV7j40Fe8t45LuuSFAr_401_t5tNBzimq|124:061bb0cf-5b7a-4bdd-9180-1868ef2559cb|141:8lhePALZGkWSWWbma2a2tNTJQ
.zemanta.com/ Name: zuid
Value: HIFgeU4I6Gp6hq--SPAE
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoeijvwqIgyRLVTIkcAJPBTCyji7+n+ttI6sr7aMhMzQbwRB2IhM1yQvOZS4Yf2VaYhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.gsspat.jp/ Name: gid
Value: da3c39d4fd467e57b379474c57cbae3e
.audrte.com/ Name: arcki2_smart
Value: 7168262712027533764!20220908!1700045845968
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEX-E7KqUgAABPmzIkdKA
.servenobid.com/ Name: pid_323
Value: LOZNEET6-1Q-1N34
.socdm.com/ Name: SOC
Value: ZVSkFcCo8X8AAE54v1IAAAAA
.gssprt.jp/ Name: lamp
Value: da3c39d4fd467e57b379474c57cbae3e
.openx.net/ Name: pd
Value: v2|1700045845.1|iyvQgevNgun0.j8vSgqwksLiSmOsfnswL
.rezync.com/ Name: zync-uuid
Value: 3b26b712-369f-4b71-9918-63f7b98fce69:1700045846.2289739
.dotomi.com/ Name: DotomiTest
Value: 669254a9b9c018fd
.blismedia.com/ Name: b
Value: 6554A4163214A1078B80F37EBLIS
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1WNsRGAMAzEjgGoKJgiXGI7tp9xwpGBKCkZgZIRmAo6QicV-j-7PlmMUbJLFvjVuHLkbTAupMUSBVbUIC8GIHlQrlbgdVkV8xdNRA5j7EO7BDn-nu-xeSazB682dXiKAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3GyxGAMAgFwIvt4PAL8CyHjBRi5XFP-11prdEpShYY8r8ESFHYZKNmv4FHkpl9lcetWkjDARPfR786AAAA
.creative-serving.com/ Name: tuuid
Value: 2e9e754b-91f5-4f82-8feb-d0e67474fa77
.creative-serving.com/ Name: c
Value: 1700045846
.creative-serving.com/ Name: tuuid_lu
Value: 1700045846
live.rezync.com/ Name: sd-session-id
Value: .eJwNykEOwiAQQNG7zLoYmGEGhss0tkJCtGhK3dj07rL7L_knzJ-8b_eW2wHp2L95gvVVhzqkE3r9bfkJCdh5JJKAQsjKzNHBNUHPvdd3m-tjPLSgLMGhIdFi_Eij6qIRKmHRWNYsmlyw1nqOXm6IUQMpXH-aeyUw.ZVSkFg.KX9ubVVYq1SPi_On2cHFQb8EWaY
.rlcdn.com/ Name: rlas3
Value: UiZMV9MjZ/+DdGqCfzmn3sSFPSrYN0iLy5mXVwk1Dv4=
.rlcdn.com/ Name: pxrc
Value: CJbI0qoGEgUI6AcQABIGCLbqARAAEgYIuuoBEAA=
.pubmatic.com/ Name: SPugT
Value: 1700045846
.pubmatic.com/ Name: DPSync3
Value: 1701216000%3A235_227_226_219_197_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1700611200%3A2_223_15%7C1705190400%3A69%7C1702598400%3A203%7C1701302400%3A35%7C1701216000%3A234_264_251_99_233_55_46_214_196_8_56_254_204_249_176_238_22_13_71_161_166_3_81_220_88_243_7_21_54_165%7C1700870400%3A63
.zeotap.com/ Name: zc
Value: 846a1ba5-d92d-445b-4eb5-5b7dae4c226a
.ads.pubmatic.com/ Name: KCCH
Value: YES
.onaudience.com/ Name: done_redirects104
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-291bc5d9-634c-463b-a87b-a4799f32f8f1-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.pubmatic.com/ Name: pi
Value: 158810:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700067448592
.semasio.net/ Name: SEUNCY
Value: ABA0707047D8B352
.tribalfusion.com/ Name: ANON_ID
Value: aqnwYSmMZaE8DXqwmMVTReaocNg8ZavmsqCKMkpsrTECxaM2WQK7SHaXMSAA5Gyn3Grj5VFHrGS8l18uXvtDY2T23C3c4cYtqEyxVrZdrAETkbTfLNpZa8RUv0exMHIA
.onaudience.com/ Name: done_redirects147
Value: 1
.smilewanted.com/ Name: sw_user_params_infos
Value: wXFdKaPNm7jjrqa5Yifpyv146rF1zOFsB%2FLmYHv0AOXfziL3cacvZKX3GqjmpGJuppPuiYgVeyUqJXubW0MpDuNlNd5mV6E4g2atQNE9YIniAmoiIjWO1N56aaSNtGo2AtcjzXZanK9Kz4X2BjnMYJ7IjrFyz9nu0PIe7MjbWVEB4Gk2IjLznlVGW9pv4PxutMuoplm6W9OgASD7a1YYm89SSs%2Bt7l7FS49fpMNAclY5k79uKDSSI2Wbei%2B%2BdyDzaYG8HB5AsMZJSTUrlOHnMpwqvxGJHodkTF777gjtg9Gt2eeYywX0zNtaT8eRtUymBRXEJZMwbWLHlgdhoU7%2FO4GN%2F1ZGdU3UbGGSOAX5GrIVrUYva5qh34nT76o2ecAbnVXvP3c1B%2B6RhWIpNEreOQ%3D%3D
.onaudience.com/ Name: cookie
Value: 30d090c21b5bce22
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-NrGB8F9IYaQaRajXbhVhjnXX
.pubmatic.com/ Name: PugT
Value: 1700044715

31 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/ef34e2bdee6e1a4eeb04ad8a81a81c02.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/7afbca5d6ce79939ebba39b0c57847cc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ab60c5c1c97f6fd1a0b72d56e49298dd.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/692724cd05f467eed065daad093f9527.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c6ad0aa2daa483e7437ad68f36f76b8d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/98aef8785adb1c6e2dea2963c45a511f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9e18714a714d4df24457e6012541d777.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/01d91856e6768f229c3ede8dc9c5f23c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/3cdc122d055526e16fb9313c569df057.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/b0c2e8e1461cd16d6061d434232da91d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/aa002785cfe427d3749b1467babfc33b.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/89454e5b577279e82783d2ea5f3b8cb2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/f470d983a2abeb41e0f2008f333aa827.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/19164cfd3bf7b0ca4992e392dead587a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d8f3fd80a46a7cdb8a203fced0451e9c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/968aa298eee2c7c5e46c773ecc588ff2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/1fc0af5c17676ac808940582afa5bc65.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/100a421dab8da16cd26064baffe97125.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/6c9e86b684a9a9e61795c4ef62fea742.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/255c10d61e3d52d72c2d31c8c188ab07.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/3d79ae5215dcef91b20265ced5a03f90.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/358644ab4c71dd184cf61fef9e53bf83.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/d21edbcc85c38bedd1e4463e4bff9549.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3292827c832174ca5d4f6eb2984ea724.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/3db1fbe2f43b50a8af08cd98918ab338.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9049f7d59f2e1209cf6b3fa330453779.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700045842&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fren-shi-de-nu-ren-du-jiao-lai-sheng-li-xing-zhao-dai-ri-shang-huan-zi-xi-ding-zhu-bai-bei-feng-huan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700045842140&bpp=276&bdt=524&idt=623&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Da71b6a9dbfb370b5%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MY-gkEjckftvT_GLMeXb_UaJ491Gw&gpic=UID%3D00000cc80a426a39%3AT%3D1700045841%3ART%3D1700045841%3AS%3DALNI_MYo6JDpFLA7_t4rPe0Cuy4W3ji47Q&correlator=2509749297961&frm=23&ife=1&pv=2&ga_vid=1672339767.1700045841&ga_sid=1700045843&ga_hid=930640941&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3140&biw=1600&bih=1200&isw=336&ish=280&ifk=1511595645&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532600%2C31078301%2C44807764%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2860807841741990&tmod=433302655&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u9zqo9cn6gox&btvi=1&fsb=1&dtd=637
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvcmVuLXNoaS1kZS1udS1yZW4tZHUtamlhby1sYWktc2hlbmctbGkteGluZy16aGFvLWRhaS1yaS1zaGFuZy1odWFuLXppLXhpLWRpbmctemh1LWJhaS1iZWktZmVuZy1odWFuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 499)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
187a39e975b517f47d5b01a9f3d97e5e.safeframe.googlesyndication.com
95f1b43694af234ec66eb9e941a0221b.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
audiencedata.im-apps.net
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
c21lg-d.media.net
capi.connatix.com
casale-match.dotomi.com
cat.nl3.eu.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.indexww.com
cdn.js7k.com
cdn.jsdelivr.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.chocolateplatform.com
cs.gssprt.jp
cs.media.net
cs.yellowblue.io
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d.turn.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g.c.appier.net
g2.gumgum.com
gcm.ctnsnet.com
genieeintl-d.openx.net
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900015.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
ice.360yield.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
onetag-sys.com
openx2-match.dotomi.com
ox-delivery-prod-europe-west4.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pro.ip-api.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rt.gsspat.jp
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
socket.unibots.in
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
us.shb-sync.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
vjs.zencdn.net
wf.taboola.com
ws.rqtrk.eu
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
static.bg3.co
sync-tm.everesttech.net
sync.mathtag.com
us.shb-sync.com
103.231.174.251
104.18.36.155
104.18.38.76
104.18.41.104
104.20.219.77
104.22.68.131
124.146.153.169
13.248.245.213
13.32.27.28
13.32.27.99
133.186.12.14
134.122.57.34
138.201.135.164
138.201.84.245
139.144.5.218
139.162.38.30
141.226.224.32
141.226.228.48
141.94.171.213
141.94.242.206
141.95.32.72
142.250.184.230
142.250.185.130
146.59.148.16
147.75.84.158
15.197.193.217
151.101.1.44
151.101.2.49
151.101.65.44
152.199.21.70
154.59.122.79
159.203.145.121
162.210.196.208
162.55.120.196
169.197.150.7
176.9.26.250
178.250.1.6
178.250.1.9
18.157.98.129
18.157.99.226
18.197.198.113
184.30.22.30
185.106.33.48
185.184.8.90
185.64.190.78
185.64.190.79
185.64.191.210
185.86.138.146
185.86.138.152
185.86.139.93
185.89.210.244
192.96.203.13
193.0.160.130
195.5.165.20
198.47.127.20
198.47.127.205
2.18.160.23
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
213.155.156.167
216.52.2.16
216.52.2.30
222.230.178.130
222.230.178.132
222.230.178.29
23.32.184.192
23.32.185.35
23.35.236.188
23.56.202.187
23.97.225.52
2400:52e0:1e00::1054:1
2400:52e0:1e00::1075:1
2400:52e0:1e00::1078:1
2600:1901:0:e207::
2600:1f18:24e6:b902:3b73:e7ee:7fde:90af
2600:9000:223c:3800:6:44e3:f8c0:93a1
2600:9000:223f:7200:1f:4c18:bd40:93a1
2602:803:c003:200::44
2606:4700:10::6816:1857
2606:4700:20::ac43:47fe
2606:4700:20::ac43:4a81
2606:4700::6810:5814
2606:4700::6812:19ad
2607:ae80:4::25
2607:f8b0:4001:c10::78
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:22::14
2a00:1288:80:807::1
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::c
2a02:26f0:480:25::1726:620a
2a02:fa8:8806:16::1370
2a04:4e42::649
2a04:4e42::729
2a05:d018:d29:3601:29b0:22b3:ca65:1176
3.126.136.176
3.126.228.123
3.69.152.80
3.75.62.37
34.102.196.122
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.255.67.121
34.91.62.186
34.96.105.8
34.96.71.22
35.186.193.173
35.186.253.211
35.214.188.68
35.244.159.8
35.244.174.68
37.157.3.20
37.157.5.133
46.228.174.117
51.255.68.171
51.77.64.70
51.89.9.253
52.19.228.53
52.200.65.147
52.210.15.1
52.210.50.120
52.210.96.209
52.46.128.147
52.51.180.59
52.72.41.189
54.156.137.107
54.220.165.75
54.65.50.241
54.77.250.56
54.83.246.219
63.34.193.74
64.74.236.223
65.9.66.83
67.220.228.202
69.166.1.66
69.173.144.137
69.173.144.138
69.173.144.139
72.251.241.204
77.243.51.121
77.245.57.72
8.43.72.97
82.145.213.8
85.114.159.93
88.99.69.161
95.101.148.20
95.101.149.35
98.98.134.243
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04f0df4ed3122b2f5319372f31e8af0393df3b510c8a615a57acb2e23c74ed49
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07029a31a26e00eafb71bacabca73a47d40527855c63d5e950787a8486d13da9
079877db7d161d2fced74006492057b9b59d603c69cde3ae4469ef8ae096f1ca
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a470610882b87435d135f0a36148dc4b95a6e0b0b574efceea83c15801a1ab2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ff8b551579e61afcd10bd1fe8b5093e9411c257cff7b6f9883b8b458b474670
10034b0b580689f51630a1c21a0e992ee7d85275e6ee509d519a8f5012f86657
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13e66a6cfecb13fb4d7527deb2133fdc041e77817ee429bab3514f843b1f4778
14b8258a61e9708810dc58cd90b99b01dbb5e33b3b1317b285d165eeaff6c7e2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1955307b944c4aee26dee8fe7a273e8485c6497565d225dd08f80be60897fa49
195fb7f0ace546649cb50fa6f11f7eebadfd123c8d55d16e09bd2e2fcf21f1a7
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2058250bc2046edc59b1f94454fb634163ba03de01a875ac5d8570f48d394ce8
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2609da3252bf5f5cde58c3dbfa755b745aa6fc062c0ae46e4cff5a18794ddbeb
268fb8f58b9437ad115850150f6eb038255a9b4ffa20cb83ed67a84bf887227b
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26e59ea15b24ae097879c73b72c4addde2ace144bee938b5e763ddae5d819b97
28a3320749440ee186044135d5f8df9d013ee44e3056ef87abc0edac2e80757d
294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dd7fa2b1b9475d715111c9f792b11370c40cebab38a214187de841f55e15576
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3733fa6d0ee22c0ed17c6094436438b7761d02b78308dd0268c930fc43fa3ef9
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3afe8aed10450d890bd2e05f72771d6df58580ee5cc7503b42ba001d50123977
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c636ea64ef9780d7e7d17bf1756cd6708d9a3e284544f265c1fc5ea234455b2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e5a8a850c14c9488bcb7a7c7715cc8b4d5848b887d18ea29e8a431d90d80e7e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410d5e9dc92f3ecce58f78866878761cf25b32e2fc394660eeead55b35263c1d
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4378d18f09d81984f4eae7d306eddf5fcfebaf12d9c903a31334c12c9c190f74
4387ec708011f0918d3f0b2f5721fe41a2df0d5b709b57c58a0550a33ff1ed14
438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8
463c22dc8c2d4a1be87d3c8c018d947db83778f737fc751b09786e2bb15098f6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
49ef44ebc71277ead5c47365b429b2d9d2cddf222e769c74400905bdefc3901d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b77b6497455ba7ca638901b38418e1f3fb1c858de87a1087e5334929ec237b1
4c65c9b34189d767a2dcb8cb09ef65858b35d70b7d70bce347cfe00c66db9af5
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fac5b861b7c65e89229b00ba7cb16a2f672b3eecc04e4792fde391f3f836574
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
5130017a6fb1d1324ebeb242796828ab8fa60b68c6e7a8462fc9ec436018812e
540bfa1c39577e05326e012b7ff5a4487a9812fadb28bcba6348af7219368864
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55685380e9a7d5033d7c5223f6a0d34adfe402cefd443c626510decaae9e56c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a1945d0946796f7b901dc5016438ee373b61202b424a69992530dd65ff58df
56c967334f0bf9f703969fb095aea727d403b1100e995a872474445ba8c2d341
587d7b08db52f6a97e39338478246056b0ec24737f96d8e87b236088da9adb6b
592f777bd520b435c5e6514eeadb41691a3d20629e25cd5cd6dccd2b2dd8154f
5a6c30b0f026ecaec073ad12bc0a32f3dbffbed64640b2778220d3b93b0f09b9
5bc63d04676b0420227e8fb58c5790d7292495aca8f6d585c177f620a9d63fc9
5e6781229a252e3beddf9f5747d2c20cfe07f7bb11ecc0462ce8f274e034472e
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
641af0798b3ed632b2c013b8d64a5594edb962f8dff932ed54bdddbe107a4174
65e9f410f3d9e28cea22dbd695c97520ec6267b8c70a3431e35f5830b9ea2b3d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c33ff1761b261ed8a54102f316494819d6d2808ae58202812cbf7df819bf41c
6c7ce900f65fbf31e9380c2e6caa3d015209b64eb39c3538cc1f483b9befd5f9
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ecccaba1aafb9b9d6ab52ff77ff86b10eaa3e1b42476f3b2f1b6c129a9929d9
6f9effe53a85c5f7c2b587c2985f817f08e3905ff5a090d1030aa54d298ccbf3
70d8debfe8539b58126335a2d54f0e17d4decf7856272a25d3ff2b54dcb36f6c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
739fd58fc913288fb968cd4398829c1e7addcce2c17484639aff45391b860227
75c1fa5846518acce24dd7a2337fa14649b54b60561c3c5680c75842f1defac2
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7783dfb9454a164a578f15a0c42b7ac16e969ea15936f06afd26348b7ded37ac
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
80766eaa75dc693502e8747e094c14fda080a0d2eab6f9e0d2a86d6b69140163
8112d1655fe510787858ea1cf10ffc6a270a3b2ce7a15f42a4821bec24564c06
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81dea5c6f02ce4e6febb24b50891f472338a2b26b480fcdb8c31e02ed7b46907
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
895bd9050603f38661d38658a5ba74502af44d9041f55e2f4e0387de316eb184
899cd827b6e68f174b638b32474a1a4dcf10ae941985baa9adb9417ade728e89
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4360d495b9f0d25587e02aa74e8a804291da498f704eddffc8f5134a5a50f4
8c4a0001ce4213c875de63dc18782f57b299bfb48d0325863f5f4544b6ee9e93
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
900ec78b1fa39580505c2dce4aa6c8c421936098b2ade5d65c2f0c21acc2030f
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782
9316571d92ecefaf9773937c1e4cf6003be9c8bd2059f6a5174e0ada0f1bb3a3
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af30e690a73d34016294ddd4d83805936b17ceb227df40f4efc6eab00cfc761
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9ef5a61ef8983fc566496a5263dfec303f241b87af2e6f3f37db0635dcd8707f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2f1b394484a13ac3ecc682b06780ed0e76070e3268649917343df5634c68794
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a47145094ab81b3f3cb910552afd76293d2af76934b75182b2abe5c32ca90411
a5135ef43e311a30d3984560af2eef53dc97ea1da1645ec11e4475e3ef934a48
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7976d5bd0166661439fd6af26f2989fe05a8520573eabb24ef3cb8f9d9b526b
a9e2b6fd2efae166927434940073a5cd2928df3814349e3648993f805547411e
aebb3b33f5530ad6aa56e548eac5c8d1213770769cd358a98c8a3e740f38c3a3
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afebc5864c9a64c77ad33510e4c55cd73af032ea4e286771401733f9ac70b2d9
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b0e77151c7176e8a2cf5cddd979cc61ab2d0cdf95c1303a7267fa8b598a9f4c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c6bb12efccc9573188c1b881ef825426e65f2d0a64b0d5808e0dbfc12b5207
b499758f19f8908ac7f96fcb014f53fc5ab0fb1b372828c83c9c0d4f76403bcc
b6330f30714835990abd39bca7dc7fd4c331adbdfc0a1c842903bf9f2d19810c
b7e55008a1b307ebbf3b016ee46b15d63885ad2505330ef1ea6d249618a842c6
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
b9be7158c22e6b491bf8e343b9de0b503588d232c5d6bce3deca1bb5b3c02020
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bbe7ac7e8545aa2e0cdf39284056141e8eb4db4aa1142c98ee7ae6b524421462
bc61fde3c0fc7956df42489563652fbcc76999f43fb36235c40705faeb0d243e
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd0129194416ecf1c481ba749bb12d1a13a889a18dce7578f7baf015c3002170
bd6053178fc8f836570b1cf78d83c402bc396703979e32d66c63589aba538fe8
c03555c720d8a9c4c33f6df9be1d90a433449b31d6e149f8d1b451fca2116b8f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22a4b188db87ba6b65f567352eef0bd6d400fd25fb6caadf65d1ec87f20bc8b
c2876e7991075e17603d8a1f01206b1d5725199803f8baa5651b5078f4f33be9
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c6d21ed29a98c9725cd2e5e259497e60f8f3820d419a8b74a53460656ab6700d
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ca37daecd4621164f645a0b844d6096d07da1c18e0b5d7b7f4f8b4f1594053ec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09bd8e3d503bc79eb1482fff8be68b0005fedbc286b1e54ecc817af53bd7272
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d17bd778d9055f880b83d86f4bd0c6292e894cea5c9d0df3243224a887bcfe73
d26ae523edbd258d6f649f6cef6e79b453dd38400e8fb58aae62422d3e324ef1
d2fa3b8dea1c733629259cb9a7d06d6eaf9d23000bfd87a1b611ca40d7f38762
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d62ef0b660e3f8e1798fbf79cfeca6b95db931127827239e7ad1582fe7333e89
daa56b64ea6d4e7e71f991057578eae95223b10fd0865a930217382f9720c386
dbd25ac4aa255b6b7c0c99b95f9a74d1eddd4168f29eb6ea15db37f6554a1717
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
e2dd05ac84ae3f8de2d2324c26caa0d9cbe1e1f16b661cac7e7827e3dd60f485
e30afbbc2eeeccc6899ecce44c3c3ab6a5176010998ae5811da239ecb21fc467
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6f3de9fa7f484b6266e4a1d211d0d0bc1ef09c1b5efed523417888eb2ade51a
e7012aca0d9517e024e88f327ce21e0c3fff97d8d56d15ef8cf7b47465a063c8
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ecd767f96a6509b82fe17e2d7d2c24ff35183e0a068101eb0560bf94f6d6248a
ed225722ab695305e497cad42d49b678b91834cf0cd0b44de1699039c2109f0e
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef07e6dc2c4e15ebf4499b2509e073797fb39673d212bf30c051a25bec2d4368
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
ef47d30d652b4be15f970935fa13b1e03fe301553ea250f582fc69b0ed37bb4e
ef6ca8dad8a63869fec190ce7949b92b367981f281677daf118b588e2313fb93
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd
f40af651af2653b9199ca62e448508dacbf892a65e0970bcb8c93caa5fb6d984
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f80cd0a56330fc05f4b0b70342e4428223a6da66e375c8ea03bbdac1450fb29d
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb47736d3fd1267f76539579982d0f731bd543d008163b8a0b4731026a1a5107
fb786ae098bf5c6f0b2886c9651feefc62dc69a580132d059550efe86d44ab1d
fcb6eec6ad9e415f058503c96d3b39f1732e87a30ecaefe1e638206ecf0dc163
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8